Desinstaller navipromo

Résolu
cisabe Messages postés 31 Statut Membre -  
 benoit -
bonsoir

je n'arrive pas a me debarasser de navipromo
quelqu'un pourrais t-il m'aider

18 réponses

  1. cisabe Messages postés 31 Statut Membre 2
     
    BONJOUR,

    a priori aujourd'hui je ne l'ai pas vu apparaitre

    merci beaucoup pour ton aide et s'il venait me rendre de nouveau visite je ne manquerai pas de te le signaler

    merci encore et excuses moi de ne pas t'avoir répondu avant
    @+
    1
    1. Utilisateur anonyme
       
      Salut,

      ok, pas de probléme, s'il revient ouvre un nouveau post s'il te plait ;-)

      Bonne journée A plus tard peut etre :-)
      0
  2. Utilisateur anonyme
     
    Salut,

    fait ça pour verifier, mais tu es infecté de toute maniere:

    télécharges hijackthis:
    Téléchargement de HijackThis

    Installe le dans son propre dossier:
    -cliques droit sur le bureau, nouveau dossier, installes-le dedans.
    Lance le, cliques sur "do a system scan and save logfile"
    Puis copies et colles le rapport ici.
    0
  3. cisabe Messages postés 31 Statut Membre 2
     
    voici le fichier d'analyse
    j'espère que cela pourra permettre de trouver la solution
    merci pour ton aide

    Logfile of HijackThis v1.99.1
    Scan saved at 12:01:42, on 13/05/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Documents and Settings\isabelle\Mes documents\MsgPlus.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\AOL 9.0a\aoltray.exe
    C:\Program Files\BenQ\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    c:\program files\fichiers communs\aol\1136013073\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    C:\Program Files\AOL 9.0a\waol.exe
    C:\Program Files\AOL 9.0a\shellmon.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\ewido anti-malware\SecuritySuite.exe
    C:\Program Files\AOL Compagnon\companion.exe
    C:\Documents and Settings\isabelle\Mes documents\Logiciels\antivirus\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\isabelle\Application Data\Mozilla\Profiles\default\2ymi4e85.slt\prefs.js)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll (file missing)
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll (file missing)
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [oief06li] C:\WINDOWS\System32\oief06li.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\isabelle\Mes documents\MsgPlus.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [nkselbazg] c:\windows\system32\nkselbazg.exe nkselbazg
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Sonic RecordNow! Deluxe] "C:\Program Files\Sonic\RecordNow! Deluxe\RecordNow.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB0_0_0 -reboot 1
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\isabelle\Mes documents\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Startup: BoontyBox AOL.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
    O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
    O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\BenQ\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e74255e3add948748e5589a1cc33b7d5
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e74255e3add948748e5589a1cc33b7d5
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
    O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
    O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
    O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
    O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E938D-60DC-4624-BA61-32F8FDB506B1}: NameServer = 205.188.146.145
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    0
    1. Utilisateur anonyme
       
      Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
      O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
      O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll (file missing)
      O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll (file missing)
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
      O4 - HKLM\..\Run: [oief06li] C:\WINDOWS\System32\oief06li.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\isabelle\Mes documents\MsgPlus.exe"
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
      O4 - HKLM\..\Run: [nkselbazg] c:\windows\system32\nkselbazg.exe nkselbazg
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [Sonic RecordNow! Deluxe] "C:\Program Files\Sonic\RecordNow! Deluxe\RecordNow.exe"
      O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB0_0_0 -reboot 1
      O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\isabelle\Mes documents\MsgPlus.exe" /WinStart
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
      O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {7504F0D5-644A-4103-9D02-95488B6CB9A1} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
      O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1059_XP.cab
      O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://ww1.dlv4.com
      O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
      O16 - DPF: {EC4AFBF3-4540-4306-AF10-4CAC509EA16B} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - https://www.afternic.com/domains/downloadv3.com
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

      fait ça: ** Mode sans echec **

      Redemarres ton pc, dès l'allumage de celui ci tapotes la touche f8, à l'ecran qui va apparaitre choisis "mode sans echec" attends un peu..

      Fait un scan complet de ton Pc avec Ewido pour supprimer navipromo.

      Ensuite, tant qu'il scan clique sur demarrer, rechercher, cherche et supprime ces fichiers:

      oief06li.exe
      nkselbazg.exe


      Enregistre le rapport d'Ewido et quand tu aura redémarré normalement colle le ici stp avec un nouveau rapport hijackthis

      0
    2. cisabe Messages postés 31 Statut Membre 2
       
      voici le nouveau rapport apres toutes les opérations que tu m'as demandé de faire

      par contre la recherche n'a pas trouvé les deux fichiers que tu me demandais de supprimer

      en attente de ta réponse

      merci

      Logfile of HijackThis v1.99.1
      Scan saved at 15:33:57, on 13/05/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\brsvc01a.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\brss01a.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      C:\WINDOWS\system32\Brmfrmps.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-malware\ewidoctrl.exe
      C:\WINDOWS\system32\inetsrv\inetinfo.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
      C:\WINDOWS\system32\tcpsvcs.exe
      C:\WINDOWS\System32\snmp.exe
      C:\WINDOWS\system32\svchost.exe
      C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
      C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
      C:\WINDOWS\system32\fxssvc.exe
      C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
      C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
      C:\Program Files\Brother\ControlCenter2\brctrcen.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\AOL 9.0a\aoltray.exe
      C:\Program Files\AOL Compagnon\companion.exe
      C:\Program Files\BenQ\Common\Bin\WinCinemaMgr.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
      C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
      C:\WINDOWS\system32\wuauclt.exe
      c:\program files\fichiers communs\aol\1136013073\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
      C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
      C:\Documents and Settings\isabelle\Mes documents\Logiciels\antivirus\HijackThis.exe
      C:\Program Files\Boonty\BoontyBox\BoontyBoxEngine.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\isabelle\Application Data\Mozilla\Profiles\default\2ymi4e85.slt\prefs.js)
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
      O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
      O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
      O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
      O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
      O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
      O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - Startup: BoontyBox AOL.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
      O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
      O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
      O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\BenQ\Common\Bin\WinCinemaMgr.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e74255e3add948748e5589a1cc33b7d5
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e74255e3add948748e5589a1cc33b7d5
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
      O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O20 - AppInit_DLLs: MsgPlusLoader.dll
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
      O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
      O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
      O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
      O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
      O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
      O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
      O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
      O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
      0
      1. Utilisateur anonyme > cisabe Messages postés 31 Statut Membre
         
        bizarre pour le fichier "manquant" car je le vois encore dans ton rapport hijackthis.

        Je n'ai pas eu le rapport Ewido, difficile d'avancer..

        Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

        O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
        O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\BenQ\Common\Bin\WinCinemaMgr.exe
        O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


        Désinstalle AntiVir.

        Clique sur demarrer, poste de travail, C:, program files, cherche et supprime ces dossier si present:

        eoRezo
        antivir

        Puis fait un scan complet de ton systeme avec Ewido et colle le rapport ici
        0
  4. cisabe Messages postés 31 Statut Membre 2
     
    petite question supplémentaire :

    lors du redemarrage de mon ordinateur le message suivant est apparu:

    rundll
    erreur de chargement de stmcrtl.dll
    le module spécifié est introuvable

    aurais tu une idée sur le problème?

    merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. cisabe Messages postés 31 Statut Membre 2
     
    voici le rapport d'ewido et de hijackthis
    j'espère que navi est reellement supprimé

    merci

    ---------------------------------------------------------
    ewido anti-malware - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 21:41:49, 13/05/2006
    + Somme de contrôle: 803E940E

    + Résultats du scan:

    C:\Documents and Settings\isabelle\Cookies\isabelle@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder

    ::Fin du rapport

    Logfile of HijackThis v1.99.1
    Scan saved at 21:44:57, on 13/05/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\AOL 9.0a\aoltray.exe
    C:\Program Files\AOL Compagnon\companion.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    c:\program files\fichiers communs\aol\1136013073\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    C:\Program Files\AOL 9.0a\waol.exe
    C:\Program Files\AOL 9.0a\shellmon.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\isabelle\Mes documents\Logiciels\antivirus\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\isabelle\Application Data\Mozilla\Profiles\default\2ymi4e85.slt\prefs.js)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
    O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e74255e3add948748e5589a1cc33b7d5
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e74255e3add948748e5589a1cc33b7d5
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E938D-60DC-4624-BA61-32F8FDB506B1}: NameServer = 205.188.146.145
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    0
    1. Utilisateur anonyme
       
      Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
      O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
      O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e74255e3add948748e5589a1cc33b7d5
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e74255e3add948748e5589a1cc33b7d5
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe


      Clique sur demarrer, executer, tape: services.msc ,cherche dans la liste cette ligne et regle la sur "manuel"

      Boonty Games


      Refais un netoyage avec Ccleaner (erreur + nettoyage)


      Puis pour finir:

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X, pour le faire fonctionner,
      une fois qu'il a terminé colle le rapport ici stp, puis je pense que ça sera ok.

      https://www.bitdefender.com/toolbox/

      0
  7. cisabe Messages postés 31 Statut Membre 2
     
    voici le rapport
    mais je pense que cela n'est pas totalement resolu car une alerte navipromo est encore apparue

    je suis pret pour d'autres modifs
    a bientot

    BitDefender Online Scanner

    Scan report generated at: Sun, May 14, 2006 - 14:09:37

    Scan path: A:\;C:\;D:\;E:\;F:\;

    Statistics

    Time
    01:37:28

    Files
    601239

    Folders
    7256

    Boot Sectors
    2

    Archives
    3879

    Packed Files
    37754

    Results

    Identified Viruses
    1

    Infected Files
    1

    Suspect Files
    0

    Warnings
    0

    Disinfected
    0

    Deleted Files
    1

    Engines Info

    Virus Definitions
    374854

    Engine build
    AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

    Scan plugins
    13

    Archive plugins
    40

    Unpack plugins
    4

    E-mail plugins
    6

    System plugins
    1

    Scan Settings

    First Action
    Disinfect

    Second Action
    Delete

    Heuristics
    Yes

    Enable Warnings
    Yes

    Scanned Extensions
    *;

    Exclude Extensions

    Scan Emails
    Yes

    Scan Archives
    Yes

    Scan Packed
    Yes

    Scan Files
    Yes

    Scan Boot
    Yes

    Scanned File
    Status

    C:\Documents and Settings\isabelle\Mes documents\logiciel internet\setup.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)=>_B78502A451AB41049EDF1482207E250D
    Infected with: Trojan.Skintrim.B

    C:\Documents and Settings\isabelle\Mes documents\logiciel internet\setup.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)=>_B78502A451AB41049EDF1482207E250D
    Disinfection failed

    C:\Documents and Settings\isabelle\Mes documents\logiciel internet\setup.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)=>_B78502A451AB41049EDF1482207E250D
    Deleted

    C:\Documents and Settings\isabelle\Mes documents\logiciel internet\setup.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)
    Update failed
    0
    1. Utilisateur anonyme
       
      clique sur demarrer, poste de travail, C:, Documents and Settings, isabelle, Mes documents, logiciel internet, et supprime tout ce que t uas dans ce dossier y'a un intrus caché!


      Fait un scan complet de ton Pc avec Ewido et colle le rapport ici stp
      0
  8. cisabe Messages postés 31 Statut Membre 2
     
    ---------------------------------------------------------
    ewido anti-malware - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 19:11:38, 14/05/2006
    + Somme de contrôle: 54342F0C

    + Résultats du scan:

    C:\Documents and Settings\isabelle\Cookies\isabelle@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\isabelle\Cookies\isabelle@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder

    ::Fin du rapport
    0
    1. Utilisateur anonyme
       
      Ou en est ton probléme ?

      ça me semble ok :-)
      0
  9. cisabe Messages postés 31 Statut Membre 2
     
    ecoute pour l'instant cela a l'air de fonctionner mais je ne manquerai pas de te signaler si navipromo reapparait

    merci pour ton aide
    et j'espère ne pas te recontacter pour le meme sujet
    0
  10. cisabe Messages postés 31 Statut Membre 2
     
    helas c'est encore moi

    trend micro l'a retrouvé dans le fichier suivant
    C:\System Volume Information\_restore{6E3B2FA9-F00C-49A7-8E8D-75A8AD23B70D}\RP1\A0000013.dll

    je te joint le rapport de hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 20:29:32, on 14/05/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    C:\Program Files\AOL 9.0a\aoltray.exe
    c:\program files\fichiers communs\aol\1136013073\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLServiceHost.exe
    C:\Program Files\AOL 9.0a\waol.exe
    C:\Program Files\AOL 9.0a\shellmon.exe
    C:\Program Files\AOL Compagnon\companion.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\ewido anti-malware\SecuritySuite.exe
    C:\Documents and Settings\isabelle\Mes documents\Logiciels\antivirus\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\isabelle\Application Data\Mozilla\Profiles\default\2ymi4e85.slt\prefs.js)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136013073\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
    O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9B0E938D-60DC-4624-BA61-32F8FDB506B1}: NameServer = 205.188.146.145
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

    trouves tu quelque chose de zarbi la dedans

    bon courage et merci de m'aider encore
    0
    1. Utilisateur anonyme
       
      Alors ceci C:\System Volume Information\_restore indique que ta restauration du systeme est infecté.Nous allons Tout supprimer et créer un point propre.

      Cliques sur demarrer, cliques droit sur poste de travail, propriétés, onglet "restauration du systeme"
      -coches la case, puis cliques sur "appliquer"
      -decoches la case et cliques sur "appliquer" puis "ok".

      Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

      Cliques sur demarrer, tout les programmes, accessoires, outils systemes, restauration du systeme, choisis "creer un point de restauration" nommes le " ccm" par exemple, cliques sur "creer" puis "ok".
      0
    2. Utilisateur anonyme
       
      pas de nouvelle, bonne nouvelle ?
      0
  11. zezete
     
    HELP? HELP
    bonjour,

    quelqu'un pourrai t'il m'aider
    je suis infecté par adware.navipromo
    je suis débutante en informatique et sur le net ce qui ne me simplifie pas la tache

    merci de vos reponses
    0
  12. chimere44
     
    Bonjours j'ai un probleme !!!! help !!

    J'ai dans mon dossier temp deux dossier nsd10 et nsd15 qui sont inffecté par navipromo.byc
    Je ne peux les suprimés comment faire pour les supprimé SVP

    Je sais pas si sa a voir mais je ne peux pas aller en mode sans echec, a chaque que je lance le mode il redemarre

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:35:31, on 13/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.047\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
    O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
    O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/version7/DLHelper.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bw+0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {4E41F822-9080-492E-87EB-5F472A3454B6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  13. bruno
     
    voici mon rapport hijack :Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:14:08, on 30/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\EZ-Backup\EZ-Backup Manager\ezbackupmanager.exe
    C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
    C:\PROGRA~1\MICROS~2\rapimgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
    O4 - HKLM\..\Run: [EzBackup Manager] C:\Program Files\EZ-Backup\EZ-Backup Manager\ezbackupmanager.exe
    O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
    O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
    O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: EZ-Backup Manager - Unknown owner - C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  14. MarindeTerre
     
    Bonjour, MarindeTerre
    J'ai le meme pb avec naviloq
    j'ai essaye de suivre les instructions de boulepatte62
    j'ai un rapport Hijack
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:49:35, on 31/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\hphmon06.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\PROGRA~1\Wanadoo\taskbaricon.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\system32\hphmon04.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\hijack\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = selectionlacage@wanadoo.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
    O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
    O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [eywruwudrc] c:\windows\system32\eywruwudrc.exe eywruwudrc
    O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: TelechargerSoftware - {76DD9E77-F06C-4471-AB6C-CF03C5C6B5B0} - C:\WINDOWS\system32\TelechargerSoftware (file missing)
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
    O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
    O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://www.download-plus.com/fr/emule/laaplicacion.cab
    O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
    O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - Unknown owner - c:\progra~1\pinnacle\mediac~1\epgspo~2.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  15. nad
     
    Bonjour,
    mon pc est infecte par navipromo BYS et trojan
    0
  16. raleur_69 Messages postés 1 Date d'inscription   Statut Membre
     
    le plus simple est d'aller sur le site de celui qui propage cette saleté, je viens de trouver le site en recherchant " supprimer navipromo " sur google....... ils t'envoient un petit log de désinstallation, tu n'est pas obligé d'indiquer ton nom ni de te justifier, il faut juste tapper le code et envoyer.
    Enregistre le fichier qu'ils t'envoient dans un dossier, avant de l'éxécuter, il me semble que c'est préférable.
    Supprimez Navipromo
    www.pc-on-internet.com Le protocole de désinstallation sur le site Officiel du développeur
    0
  17. help92 Messages postés 447 Date d'inscription   Statut Membre Dernière intervention   41
     
    bonjour

    Je me permets de vous adresser mon HJT
    Si vous pouviez m aider à supprimer ce "navipro" ce serait sympa
    Merci par avance

    CdltLogfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:37:47, on 09/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    d:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    D:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe
    C:\documents and settings\propriétaire\local settings\application data\ouuew.exe
    E:\STOCK LOGICIELS\SetPoint\SetPoint.exe
    d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\IncrediMail\bin\ImApp.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    d:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Freebie Notes] "D:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe"
    O4 - HKCU\..\Run: [ouuew] "c:\documents and settings\propriétaire\local settings\application data\ouuew.exe" ouuew
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Anti-Pub.lnk = D:\Program Files\Antipub\antipub.exe
    O4 - Global Startup: Logitech SetPoint.lnk = E:\STOCK LOGICIELS\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O18 - Protocol: bw+0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {30228901-1392-4390-AB6C-B4A387DB847E} - E:\STOCK LOGICIELS\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    0
    1. tony 70200
       
      L'antivirus GDATA le supprime facilement
      0
  18. benoit
     
    Avec AVG comme anti virus, réalise une analyse complète en mode sans échec (F8 au démarage)
    0