[Stubborn spyware]

goldoraclure -  
 Anonymous user -
Hi everyone,

So let me explain my problem. It's a classic one, but I don't really know which method to use: I've caught some nasty spyware. I used Spybot, but they keep coming back, and on top of that several different ones come back each time. I don't understand. For example, right now I have these:

-Avenue A, inc.
-DoubleClick
-MediaPlex
-Winsoftware.WinAntiviruspro2006
-Advertising.com

It would be cool if you could help me, hihi. Here is my HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 19:05:38, on 31/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Wireless\Client Manager\CMAGS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Adobe After Effects 7.0\Support Files\AfterFX.exe
C:\DOCUME~1\SÉBAST~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\sébastien\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: LookSmart Toolbar - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - C:\Program Files\LookSmart Toolbar\toolbar.dll (file missing)
O3 - Toolbar: LookSmart Toolbar - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - C:\Program Files\LookSmart Toolbar\toolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [d02e075f.exe] C:\Documents and Settings\sébastien\Local Settings\Application Data\d02e075f.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O4 - Global Startup: Wireless Client Manager.lnk = ?
O4 - Global Startup: Wireless Gestionnaire client.lnk = C:\Program Files\Wireless\Client Manager\CmAGS.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

4 replies

Anonymous user
 
Hi,

Scan your PC with these different programs:

SpyBot-Search & Destroy: (free)
Spybot Search & Destroy

A² squared: (free)
A² squared

Ad-Aware SE Personal: (in English, free)
Ad-aware SE personal
-The patch to make Ad-Aware SE work in French: French patch for Ad-aware

Download, install, then update this program (Ewido). Once that's done, run a full scan of your system and paste the report here along with a new HijackThis report.
Ewido: (remains free after the trial period)
Download Ewido Security Suite

See you!
goldoraclure Posts 3 Status Member
 
Thanks for your help :) So here is the Ewido report:

Version - a-squared Free 2.0

Réglages Scan:

Objets: Mémoire, Traces, Cookies, C:\, D:\
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche

Début du scan: 01/09/2006 20:04:25

Value: HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser --> {cc8c8f4f-f2e8-404b-a43d-5cc57876a008} Détecter: Trace.Registry.SoftomateToolbar
Key: HKEY_CLASSES_ROOT\interface\{eabbb49a-4d7b-415b-8250-15c3b854e9ff} Détecter: Trace.Registry.YuupSearchToolbar
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bbbe1c1a-89f7-4af6-abd1-f8fbcfa47408} Détecter: Trace.Registry.YuupSearchToolbar
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086489.exe Détecter: Trojan-Downloader.Win32.Obfuscated.a
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086523.exe Détecter: Trojan-Downloader.Win32.Zlob.agf
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086524.exe Détecter: Trojan-Downloader.Win32.Obfuscated.a
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086526.exe Détecter: Trojan-Downloader.Win32.Obfuscated.a
D:\SECURITE\SmitfraudFix\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20

Scanné

Fichiers: 164369
Traces: 69449
Cookies: 34
Processus: 44

Trouver

Fichiers: 5
Traces: 3
Cookies: 0
Processus: 0
Clés de Registre: 0

Fin du Scan: 01/09/2006 20:46:03
Temps du Scan: 00:41:38

D:\SECURITE\SmitfraudFix\Process.exe Supprimé Riskware.RiskTool.Win32.Processor.20
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086523.exe Supprimé Trojan-Downloader.Win32.Zlob.agf
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086489.exe Supprimé Trojan-Downloader.Win32.Obfuscated.a
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086524.exe Supprimé Trojan-Downloader.Win32.Obfuscated.a
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086526.exe Supprimé Trojan-Downloader.Win32.Obfuscated.a
Key: HKEY_CLASSES_ROOT\interface\{eabbb49a-4d7b-415b-8250-15c3b854e9ff} Supprimé Trace.Registry.YuupSearchToolbar
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bbbe1c1a-89f7-4af6-abd1-f8fbcfa47408} Supprimé Trace.Registry.YuupSearchToolbar
Value: HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser --> {cc8c8f4f-f2e8-404b-a43d-5cc57876a008} Supprimé Trace.Registry.SoftomateToolbar

Supprimé

Fichiers: 5
Traces: 3
Cookies: 0

And here is the new HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 20:57:11, on 01/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Wireless\Client Manager\CMAGS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\sébastien\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O3 - Toolbar: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O4 - Global Startup: Wireless Client Manager.lnk = ?
O4 - Global Startup: Wireless Gestionnaire client.lnk = C:\Program Files\Wireless\Client Manager\CmAGS.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw+0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw-0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw-0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw00 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw00s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw10 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw10s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw20 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw20s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw30 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw30s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw40 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw40s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw50 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw50s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw60 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw60s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw70 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw70s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw80 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw80s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw90 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw90s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwa0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwa0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwb0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwb0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwc0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwc0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwd0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwd0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwe0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwe0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwf0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwf0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwg0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwh0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwh0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwi0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwi0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwj0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwj0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwk0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwk0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwl0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwl0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwm0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwm0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwn0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwn0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwo0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwo0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwp0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwp0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwq0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwq0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwr0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwr0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bws0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bws0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwt0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwt0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwu0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwu0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwv0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwv0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bww0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bww0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwx0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwx0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwy0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwy0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwz0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwz0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
0
Anonymous user
 
Hi,


Run a full scan with Ewido again and delete everything it finds.


Restart HijackThis, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

R3 - URLSearchHook: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O3 - Toolbar: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw+0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw-0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw-0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw00 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw00s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw10 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw10s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw20 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw20s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw30 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw30s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw40 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw40s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw50 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw50s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw60 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw60s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw70 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw70s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw80 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw80s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw90 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw90s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwa0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwa0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwb0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwb0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwc0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwc0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwd0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwd0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwe0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwe0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwf0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwf0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwg0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwh0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwh0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwi0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwi0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwj0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwj0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwk0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwk0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwl0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwl0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwm0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwm0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwn0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwn0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwo0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwo0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwp0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwp0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwq0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwq0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwr0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwr0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bws0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bws0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwt0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwt0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwu0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwu0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwv0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwv0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bww0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bww0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwx0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwx0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwy0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwy0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwz0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwz0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: offline-8876480 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)


Do this cleanup (to be done regularly):

¤ Download and install this:
CCleaner

In the left-hand column, click "errors" and tick all the boxes, then click "search for errors" at the bottom. Once it has finished, click "repair errors"; you will get a message offering to back up your registry: answer "yes", then repeat until it finds no more errors.
You can delete the backups you made once your computer has no more problems.

¤ Restart CCleaner, go to the "cleaner" tab on the left, untick the last box ("Advanced", if it is ticked), then click "run the cleanup".


Then:

Run this online antivirus scan with Internet Explorer and accept the ActiveX control; the SP's pop-up blocker bar (at the top) will start flashing: click it and choose "accept the ActiveX control" so the antivirus scan can run.
Once it has finished, paste the report here please.

https://www.bitdefender.com/toolbox/


0
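An added example, not part of the original reply or of HijackThis: most of the fix list above consists of entries whose target is reported as `(no file)`, and grouping such lines by section code and CLSID shows how few distinct registrations sit behind them. The function names and the section-code pattern are assumptions; the sample lines are copied from this thread.

```python
import re
from collections import Counter

# Lines copied from the HijackThis log and fix list in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O3 - Toolbar: (no name) - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - (no file)
O18 - Protocol: bw+0 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bw+0s - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {79CC22B2-0FCA-4397-B90A-9B4A0CEE6364} - (no file)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
"""

# "R3", "O4", "O18", ... followed by " - " and the rest of the entry.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file is not on disk.
DANGLING = ("(no file)", "(file missing)")


def dangling_entries(log_text):
    """Return the log entries whose target file is reported as absent."""
    found = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m or not m["body"].endswith(DANGLING):
            continue  # blank line, header, or an entry backed by a real file
        clsid = CLSID_RE.search(m["body"])
        found.append({
            "code": m["code"],
            "clsid": clsid.group(0) if clsid else None,  # services carry no CLSID
            "body": m["body"],
        })
    return found


def summarize(entries):
    """Count dangling entries per (section code, CLSID) pair."""
    return Counter((e["code"], e["clsid"]) for e in entries)


if __name__ == "__main__":
    for (code, clsid), n in sorted(summarize(dangling_entries(SAMPLE_LOG)).items(),
                                   key=lambda kv: -kv[1]):
        print(f"{n:3d}  {code:<4} {clsid or '(no CLSID)'}")
```
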
goldoraclure Posts: 3 Status: Member
 
Argh, it's crazy how sticky these things are! I cleaned with all the software you mentioned and they inexorably reappear; is there really a way to eradicate them for good?
0
goldoraclure Posts: 3 Status: Member
 
Oops, sorry, I got the wrong program; here is the real ewido report, huhu:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 00:31:14 02/09/2006

+ Scan result:

HKU\S-1-5-21-4235202903-1106412625-3171849899-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBBE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} -> Adware.Able2know : No action taken.
HKU\S-1-5-21-4235202903-1106412625-3171849899-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/srvadz[1].exe -> Dialer.IDialer.m : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/srvcgt[1].exe -> Dialer.IDialer.m : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/srvjir[1].exe -> Dialer.IDialer.m : No action taken.
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086522.exe -> Downloader.Zlob.agf : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/l11[1].exe -> Downloader.Zlob.agf : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/srveec[1].exe -> Trojan.Pakes : No action taken.
C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe -> Trojan.Starter.65 : No action taken.
[264] C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe -> Trojan.Starter.65 : No action taken.

::Report end
0
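An added example, not part of the thread or of ewido: sorting the report's detections by where they live separates tracking cookies and copies held in tool backups or System Restore points from the file that is on disk and also listed with a `[264]` prefix. The category names are assumptions, as is reading the `[264]` prefix as an in-memory object; the sample lines are excerpted from the report above.

```python
import re

# Lines excerpted from the ewido report posted above.
SAMPLE_REPORT = r"""
+ Scan result:
HKU\S-1-5-21-4235202903-1106412625-3171849899-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : No action taken.
C:\avenger\backup-31.08.2006- 0.00.32,33.zip/avenger/srvadz[1].exe -> Dialer.IDialer.m : No action taken.
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP371\A0086522.exe -> Downloader.Zlob.agf : No action taken.
C:\Documents and Settings\sébastien\Cookies\sébastien@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe -> Trojan.Starter.65 : No action taken.
[264] C:\Program Files\Fichiers communs\{245C1606-0892-1036-0520-030218200021}\Update.exe -> Trojan.Starter.65 : No action taken.
::Report end
"""

# "<location> -> <detection> : <action>." with an optional "[n] " prefix.
LINE_RE = re.compile(
    r"^(?:\[(?P<pid>\d+)\] )?(?P<loc>.+?) -> (?P<name>\S+) : (?P<action>.+?)\.?$"
)


def classify(pid, loc):
    """Map one detection to a location category (category names are assumptions)."""
    low = loc.lower()
    if pid is not None:
        return "memory"          # assumed: "[n]" marks an object loaded in memory
    if low.startswith(("hku\\", "hklm\\", "hkcu\\")):
        return "registry"
    if "\\cookies\\" in low:
        return "cookie"
    if "\\system volume information\\_restore" in low:
        return "system_restore"  # copy kept inside a System Restore point
    if ".zip/" in low:
        return "archive"         # member of a backup archive, not a loose file
    return "file"


def triage(report_text):
    """Bucket every detection line of the report by location category."""
    buckets = {}
    for line in report_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue             # header, footer or blank line
        cat = classify(m["pid"], m["loc"])
        buckets.setdefault(cat, []).append((m["loc"], m["name"], m["action"]))
    return buckets


def needs_action(buckets):
    """Detections that are loaded in memory or loose on disk, de-duplicated."""
    live = buckets.get("memory", []) + buckets.get("file", [])
    return sorted({(loc, name) for loc, name, _ in live})


if __name__ == "__main__":
    for loc, name in needs_action(triage(SAMPLE_REPORT)):
        print(f"{name}: {loc}")
```
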