Favoris indesirables (cool stuff) - log hijac

ens -  
incognito02 Messages postés 3487 Statut Contributeur -
Bonjour

J'ai regarder rapidement les autres messages comportant le probleme pour gagner du temps...

J'ai des favoris indesirables que se sont installés et forcement impossible de les enlever. J'ai essayé, scan antivuris puis spyboot, ad aware, cleanup c cleaner en mode normal et sans echec, bref rien de nouveau il sont toujours la!!

Config du pc 1.2ghz 256mo de memoire, winxp, ie 6, antivirus securitoo,

J'ai fais un log avec hijackthis
le voici

Logfile of HijackThis v1.99.1
Scan saved at 15:01:06, on 02/08/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\JEAN-MARIE\ECB.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\LVComS.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.laposte.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://bw.myway.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft Update Machine] kdrmzqz.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\JEAN-MARIE\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [axismore1dead] C:\Documents and Settings\All Users\Application Data\bash start axis more\Tool camp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] kdrmzqz.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] kdrmzqz.exe
O4 - HKCU\..\Run: [Voissa No Pubs] C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe -hide
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_pao_med.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} - http://adserver.sharewareonline.com/adserver/Install.cab
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120239932340
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://franceloisirs.fujifilmnet.com/MCLPhoto.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BEF9DA9B-002E-4901-AEFD-53043E9F3964} (Djingle InstallAx Control) - http://www.declicsvip.com/player/install/soft/installax_autovip_autodeclics.cab
O16 - DPF: {DF4F4ED9-420B-4F40-AEE6-A620460306E7} (CantocheLivingActorInstaller2 Class) - http://ak.cdiscount.com/plug-ins/LivingActorInstaller2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{542FC8D7-48F5-41DF-A15A-A24616E91C1B}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BE832E02-F11F-4CC9-BD35-5387395769C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Si quelqu'un peut dechiffrer ceci est me dire par la même occasion que faire.

Merci d'avance

Ens.

8 réponses

  1. ens
     
    bonjour,

    Personne pour m'aider s'il vous plait?
    dois-je faitre une autre operation pour faciliter la tache?

    j'en profite pour dire car j'ai oublier de le preciser , qu'il s'agit des favoris internet cool stuff, casino online , etc...
    0
  2. Utilisateur anonyme
     
    Bonjour,

    Méthode a suivre dans l'ordre...
    ----------------------------------------------------------------------------
    ¤Télécharge ces logiciels mais que tu n utilises pas tout de suite:

    1/Spybot S&D 1.4 <<nouvelle version
    http://www.safer-networking.org/fr/index.html

    Démo d utilisation (merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    2/Ad-Aware SE 1.06 <<nouvelle version
    http://www.lavasoftusa.com/software/adaware/
    -Une aide:
    http://www.tutopat.com/viewtopic.php?t=1191
    - installe le patch français, tu pourra le trouver ici:
    http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
    et une petite vidéo ici d'utilisation:(merci a Moe31 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/adawrevid.asf

    3/Clean Up 40:
    http://pageperso.aol.fr/balltrap34/CleanUp40.exe
    -aide en image:(merci a Balltrap34)
    http://pageperso.aol.fr/balltrap34/democleanup.htm

    ----------------------------------------------------------------------------
    ¤Démarre en mode sans échec :
    Pour cela, tu tapote la touche F8 des le début de l allumage du pc sans t arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau si il n y a pas toutes les couleurs et autres c est normal !
    (Si F8 ne marche pas utilise la touche F5)
    ----------------------------------------------------------------------------
    ¤Désactive ta restauration système:
    Clic droit sur poste de travail puis,
    propriété, tu clique sur onglet restauration système
    tu coche la case désactiver la restauration et applique
    ----------------------------------------------------------------------------
    ¤Affiche tous les fichiers et dossiers :
    Clique sur démarrer/panneau de configuration/option des dossiers/affichage

    Cocher afficher les dossiers cacher

    Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

    Décocher masquer les extensions dont le type est connu
    Puis fais «Ok» pour valider les changements.

    Et appliquer !
    ----------------------------------------------------------------------------
    ¤Vide tes fichiers temps et tempory internet file:
    utilise ceci pour le faire (tu as télécharger avant)
    http://pageperso.aol.fr/balltrap34/CleanUp40.exe
    ----------------------------------------------------------------------------
    ¤Relance Hijack This, coche les cases devant ces lignes et ensuite click sur fix checked :

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://bw.myway.com/

    O4 - HKLM\..\Run: [Microsoft Update Machine] kdrmzqz.exe

    O4 - HKLM\..\Run: [axismore1dead] C:\Documents and Settings\All Users\Application Data\bash start axis more\Tool camp.exe < si inconnu pr toi

    O4 - HKLM\..\RunServices: [Microsoft Update Machine] kdrmzqz.exe

    O4 - HKCU\..\Run: [Microsoft Update Machine] kdrmzqz.exe

    O4 - HKCU\..\Run: [LDM] \Program\

    O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_pao_med.exe

    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} - http://adserver.sharewareonline.com/adserver/Install.cab

    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB

    ----------------------------------------------------------------------------
    ¤Recherche et supprime ceci:
    attention seulement les fichiers (si present)

    kdrmzqz.exe
    Documents and Settings\All Users\Application Data\bash start axis more < si inconnu pr toi

    ----------------------------------------------------------------------------
    ¤ Passe adaware et vire tous se qu il trouve
    ----------------------------------------------------------------------------
    ¤ Passe spybot et vire tous se qu il trouve
    ----------------------------------------------------------------------------
    > Tu vide ta poubelle et tu redémarre en mode normal et refait un Hijack

    Précise tes soucis si il en restes....

    Tiens moi au courant

    a+
    0
  3. ens
     
    merci regis je vais faire tout ca et je te tiens au courant
    0
  4. ens
     
    Merci regis

    Ca a marché, je suis tres content.
    Bravo pour ton aide et encore merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    coucou, mais de rien, ce fut un plaisir
    si je comprends tu n as plus de favoris indesirables,
    je suis content pour toi
    derniere manipulation et pares je t embete plus
    recache tes fichiers+reactive ta restauration systeme

    A+, bonne soiree
    0
    1. joesaxe
       
      Bravo régis,j'ai un probleme avec les favoris identiques,je souhaiterais avoir ton aide,j'ai fait un scanlog et je t'en fait part,pourrais tu me guider pour enfin virer casino on line de mes favoris,merci d'avance,j'attends ta reponse
      Logfile of HijackThis v1.99.1
      Scan saved at 16:12:05, on 18/04/2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\MsPMSPSv.exe
      C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
      c:\windows\system32\rlvknlg.exe
      C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      F:\Programme\eMule\emule.exe
      C:\totalcmd\TOTALCMD.EXE
      C:\Documents and Settings\family\Bureau\hijackthis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qfnrwtgeiik.net/RvmczUV9y2bQxHOe9AOqF_AcJp9S2KOTgEugy7y_rJoYlcrBuJe0LY...
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qfnrwtgeiik.net/RvmczUV9y2bQxHOe9AOqF_AcJp9S2KOTgEugy7y_rJoYlcrBuJe0LY...
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O1 - Hosts: 64.233.167.104 symantec.com
      O1 - Hosts: 64.233.167.104 sandbox.norman.no
      O1 - Hosts: 64.233.167.104 www.pandasoftware.com
      O1 - Hosts: 64.233.167.104 uk.trendmicro-europe.com
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [il mio dolce tesoro] monycom.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
      O4 - HKLM\..\Run: [Piolet] C:\Program Files\Piolet\Piolet.exe SILENT
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [Standar P2P] C:\WINDOWS\system32\Rundl16.exe
      O4 - HKLM\..\Run: [Standar P2P 2] C:\WINDOWS\system\Rundl16.exe
      O4 - HKLM\..\Run: [demon force] C:\WINDOWS\system32\1zDm0n1.26Com.exe
      O4 - HKLM\..\Run: [FyPk7A] C:\WINDOWS\xkpfcqk.exe
      O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\shch.exe /i
      O4 - HKLM\..\Run: [clfmon] C:\WINDOWS\clfmon.exe
      O4 - HKLM\..\Run: [Patch] C:\WINDOWS\Patch.exe /nomsg
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
      O4 - HKLM\..\Run: [bendcreativelocksexit] C:\Documents and Settings\All Users\Application Data\Book Htm Bend Creative\dupebuild.exe
      O4 - HKLM\..\RunServices: [avnort] C:\WINDOWS\msmbw.exe
      O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\System32\serbw.exe
      O4 - HKCU\..\Run: [infoheck] C:\DOCUME~1\family\APPLIC~1\Elsemail\Bits Shim.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
      O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      0
  7. Regis59
     
    Salut Joe,

    Oui pas de problemes.
    Tu es pas mal infecté, certes par travel...mais il y a quelques trojans et autres bestioles...

    Commence par telecharger et installer ceci
    Ewido:
    http://download.ewido.net/ewido-setup.exe

    ¤ Lancer et exécuter Ewido pour un scan complet et copier/coller le rapport en forum.

    Une fois terminé, tu me joins le rapport d Ewido + un nouvel Hijack this + ceci:

    Télécharge lopxp ici:

    http://pageperso.aol.fr/balltrap34/lopxp.zip (Merci Moe31 et Balltrap34)

    2) dezippe le (clic droit dessus > extraire tout)
    et lance lopxp.bat
    le bloc note va s'ouvrir, copie et colle le contenu ici

    A+
    0
  8. eficaly Messages postés 71 Statut Membre 7
     
    bonjour,

    j'ai le même problème... j'ai fait un spybot, adaware... il m'en a trouvé mais les favoris indésirables restent toujours.

    J'ai fait un hijack aussi, il y a loud memo et quand je le fixe, il revient.

    En mode sans échec, spybot et adaware ne trouvent rien.

    Que puis-je faire?

    Voici mon log hijack

    Logfile of HijackThis v1.99.1
    Scan saved at 21:03:26, on 19/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\DOCUME~1\erve\LOCALS~1\Temp\Rar$EX00.090\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {A371E3FD-9DA4-1253-7874-05F15013C78D} - C:\DOCUME~1\erve\APPLIC~1\Wmathis\lessgpl.exe
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr-be\msntb.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O4 - HKLM\..\Run: [MessengerPlus3] "e:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "e:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Bowsdale] C:\DOCUME~1\erve\APPLIC~1\CLOSEF~1\Loud memo.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
    0
  9. incognito02 Messages postés 3487 Statut Contributeur 138
     
    Bonjour Eficaly,

    Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
    Procèdes comme ceci :
    http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

    A bientôt
    0