Analyse de log demandé par 3x Résolu/Fermé

Question

Ca y est je viens de faire un scan du systeme avec hijackthis, voivi le rapport :

Logfile of HijackThis v1.99.1
Scan saved at 20:41:57, on 15/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\ElkCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\LAGET mathilde\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.planetis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwZgbp0Dbid85y5+9thyrfupUfMZgiGQdQ8Y8oYg0Zel/s2hvffe/VIxMGifYwXzInW7gJfLhKG+U/zk65XXW3qyi4AIoivE50
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ButtonLed] BTNLED.EXE /check
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: TribalWeb.net.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar	oolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0	rash.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0	rash.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - https://ssl.tele2.com/inc/accounthelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C80B7FF6-CE60-4079-935E-520C045C30A6} - http://www.mailskinner.com/binaries/msaxsetup.cab
O18 - Protocol: bw+0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3196D43D-915E-4CA8-97BC-2ADBFB1D199F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

^^Marie^^ · Answer

Salut

Avant toute analyse
Quel est ton pare-feu ?
Je ne pense pas le voir !!!

Donc installe Kerio

télécharger la version gratuite de Kerio  (avec Avast => moins de conflits)
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html

Tuto => 
https://www.vulgarisation-informatique.com/kerio.php

https://kerio.probb.fr/


A conserver :

https://sebsauvage.net/


A++

tilou14 · Answer

Salut,
JE n'ai pas de pare feu a proprement dit, en fait avt j'avais zonealarm mais lorsuqe je suis pasé en dégourpé chez tele 2 g eu des petit pb pour acceder a certains programme ( comme tribal ) et un coneiller de tele2 m' a dit de desinsataller zonalarm car il bloqué des fois trop de trucs et que j'avais deja un pare feu integré ds mon modem ( = speedtouch ) !!!
Mais bon visiblement je sais pas si g bien fait de lui faire confiance vu ce que je viens de lire sur le site ke tu m'as conseillé ( sebsauvage.net ) !!!
J'ai donc vite installé Kerio par contre je suis pas une bête en informatique et j'ai pas tt pigé lors de l'installation meme avec l'aide de vulgarisation ... pour moi par moment ct du chinois en ce qui conserne les regles a creer par exemple !
J'ai essayé au max de suivre la marche a suivre et qd je savais pas ce que je devais creer ou ajouter je sautais l'etape ...
Bon la visiblement c bon kerio marche, veux tu que je refasses un scan avec hijackthis et que je te l'envoie ?
Question : lorsuqe j'ai vérifier les mises a jour de windows sur le site elles n'etaient pas a jour alors que normalement je l'ai mis en mises a jour automatiques a koi c du ???? Et est ce normal ?!

Utilisateur anonyme · Answer

Doublon, doublon doublon ..

Pourquoi ne pas me demande puisque je suis là(msn) ? ..

bref ..bonne continuation
J'arrête là

tilou14 · Answer

Bonsoir ,
Les conseils de tt le monde son les bienvenus ( vu mon niveau en informatique lol ) !
LE problème de virus etant résolu je me suis occupé des pages publicitaires intempestives qui n'arretaient de s'ouvrir qd j'etais connecté malgrés l'utilisation d'ad aware et spybot !
Marie m'a conseillé(e) de prendre un pare feu aussi ( donc j'ai decidé de vous faire confiance et j'ai installé ( tant bien que mal kerio ) + mozilla ( ss les conseils d'un mec qui a créé un site gemial pr les gens comme moi avec pleins de conseils et trucs impartifs a faire et a savoir sur les ordi ) j'y ai passé mon apres midi : j'ai appris pleins de trucs !!!Mais j'ai tjrs un pb avec les pubs ( ben c pas gravissime mais bon si je peux le resoudre c plus agreable ) Voila donc si tu as des conseils je suis prenante ;-)

Séb08 · Answer

slt,

Télécharge Blacklight (de F-Secure):
https://www.f-secure.com/en


En bas de la page qui s'affiche clique sur "I accept".
Sur la nouvelle page qui s'affiche cliques sur le lien :
"Download Blacklight Beta Graphical user interface version",
 la fenêtre s'ouvre pour l'enregistrement, enregistre le sur ton bureau.

Quitte la fenêtre .

* Maintenant l'icone blbeta.exe doit être présent sur ton bureau
 -> double clic dessus, coche  "I accept the agreement"
 -> clique [next]  -> clique [scan]

Laisse le scanner.

Lorsque le scan est fini clique sur [next] -> [exit]

Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Double clic dessus et copie et colle le contenu de ce rapport STP.

a+

tilou14 · Answer

Bonsoir séb 08,
je viens juste de finir un scan avec kaspersky je comptais mettre le rapprot sur le forum ( il m'a l'air clean ) est ce que ca va ou tu preferes que j'en refasses un avec le logiciel que tu m'as conseillé ?

Rapport du scan avec kaspersky :

KASPERSKY ONLINE SCANNER REPORT  
Thursday, November 16, 2006 7:03:51 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 16/11/2006
Kaspersky Anti-Virus database records: 228650
 
 
Scan Settings 
Scan using the following antivirus database standard 
Scan Archives true 
Scan Mail Bases true 
 
Scan Target My Computer 
A:\
C:\
Q:\  
 
Scan Statistics 
Total number of scanned objects 45905 
Number of viruses found 0 
Number of infected objects 0 / 0 
Number of suspicious objects 0 
Duration of the scan process 01:55:06 

Infected Object Name Virus Name Last Action 
C:\Documents and Settings\All Users\Documents\desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\music.asx  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\music.wma  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\Exemple de sélection.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\meilleur du mix.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\muzik mix.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlistseggae gospel.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\zouk love.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- 4 and 5 star rated.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- Have not heard recently.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- Listen to late at night.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- Listen to on Weekdays.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- Listen to on Weekends.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- One Audio CD worth.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Favorites -- One Data CD-R worth.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Fresh tracks -- yet to be played.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Fresh tracks -- yet to be rated.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Fresh tracks.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\High bitrate media in my library.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Low bitrate media in my library.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Music tracks I dislike.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Music tracks I have not rated.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\0006CAE8\Music tracks with content protection.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\01_Music_auto_rated_at_5_stars.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\02_Music_added_in_the_last_month.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\03_Music_rated_at_4_or_5_stars.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\04_Music_played_in_the_last_month.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\05_Pictures_taken_in_the_last_month.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\06_Pictures_rated_4_or_5_stars.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\07_TV_recorded_in_the_last_week.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\08_Video_rated_at_4_or_5_stars.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\09_Music_played_the_most.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\10_All_Music.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\11_All_Pictures.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\0006CBCE\12_All_Video.wpl  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\AlbumArtSmall.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Large.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\AlbumArt_{08115859-E625-4BCD-83A8-57E01873B42F}_Small.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Large.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Small.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Folder.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Nouvelles histoires (le blues de l'autoroute).wma  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\Symphonie n° 9 de Beethoven (scherzo).wma  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Thumbs.db  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Collines.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Coucher de soleil.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Hiver.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Nénuphars.jpg  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.db  Object is locked  skipped  
 
C:\Documents and Settings\All Users\Documents\Mes vidéos\Desktop.ini  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Cookies\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Mozilla\Firefox\Profiles\77qirbbu.default\Cache\7DA061B6d01  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Mozilla\Firefox\Profiles\77qirbbu.default\Cache\_CACHE_001_  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Mozilla\Firefox\Profiles\77qirbbu.default\Cache\_CACHE_002_  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Mozilla\Firefox\Profiles\77qirbbu.default\Cache\_CACHE_003_  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Application Data\Mozilla\Firefox\Profiles\77qirbbu.default\Cache\_CACHE_MAP_  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Historique\History.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Historique\History.IE5\MSHist012006111620061117\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde\Local Settings\Temporary Internet Files\Content.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde
tuser.dat  Object is locked  skipped  
 
C:\Documents and Settings\LAGET mathilde
tuser.dat.LOG  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\Cookies\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\LocalService\NTUSER.DAT  Object is locked  skipped  
 
C:\Documents and Settings\LocalService
tuser.dat.LOG  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\Cookies\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService\NTUSER.DAT  Object is locked  skipped  
 
C:\Documents and Settings\NetworkService
tuser.dat.LOG  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATA\log
shield.log  Object is locked  skipped  
 
C:\Program Files\Alwil Software\Avast4\DATAeport\Protection résidente.txt  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\BWDocMap.pht  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\BWInfopakMap.pht  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\chandir.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\chandir.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\chn.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\chn.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\D0000000.FCS  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\inuse.txt  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\L0000001.FCS  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\main.log  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_die.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_die.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_dnd.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_dnd.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_ext.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_ext.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_rcv.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\prs_rcv.idx  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\storydb.dat  Object is locked  skipped  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\LAGET mathilde\Data\storydb.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs
etwork.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs
etwork.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log  Object is locked  skipped  
 
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx  Object is locked  skipped  
 
C:\System Volume Information\_restore{66857958-A94B-4B2E-9990-319787E5FA61}\RP258\change.log  Object is locked  skipped  
 
C:\WINDOWS\Debug\PASSWD.LOG  Object is locked  skipped  
 
C:\WINDOWS\SchedLgU.Txt  Object is locked  skipped  
 
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log  Object is locked  skipped  
 
C:\WINDOWS\Sti_Trace.log  Object is locked  skipped  
 
C:\WINDOWS\system32\CatRoot2\edb.log  Object is locked  skipped  
 
C:\WINDOWS\system32\CatRoot2	mp.edb  Object is locked  skipped  
 
C:\WINDOWS\system32\config\Antivirus.Evt  Object is locked  skipped  
 
C:\WINDOWS\system32\config\AppEvent.Evt  Object is locked  skipped  
 
C:\WINDOWS\system32\config\DEFAULT  Object is locked  skipped  
 
C:\WINDOWS\system32\config\default.LOG  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SAM  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SAM.LOG  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SecEvent.Evt  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SECURITY  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SECURITY.LOG  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SOFTWARE  Object is locked  skipped  
 
C:\WINDOWS\system32\config\software.LOG  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SysEvent.Evt  Object is locked  skipped  
 
C:\WINDOWS\system32\config\SYSTEM  Object is locked  skipped  
 
C:\WINDOWS\system32\config\system.LOG  Object is locked  skipped  
 
C:\WINDOWS\system32\h323log.txt  Object is locked  skipped  
 
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA  Object is locked  skipped  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP  Object is locked  skipped  
 
C:\WINDOWS\Temp\Perflib_Perfdata_76c.dat  Object is locked  skipped  
 
C:\WINDOWS\Temp\_avast4_\Webshlock.txt  Object is locked  skipped  
 
C:\WINDOWS\wiadebug.log  Object is locked  skipped  
 
C:\WINDOWS\wiaservc.log  Object is locked  skipped  
 
C:\WINDOWS\WindowsUpdate.log  Object is locked  skipped  
 
Scan process completed.

Séb08 · Answer

je viens juste de finir un scan avec kaspersky je comptais mettre le rapprot sur le forum ( il m'a l'air clean ) est ce que ca va ou tu preferes que j'en refasses un avec le logiciel que tu m'as conseillé ? 

Oui :)

a+

tilou14 · Answer

NIKEL !!!
Bon mes pb de virus et de pubs etant resolus je vais fermer tous les postes que j'avais ouvert a ce propos lol 
Par contre je vais un creer un autre : 
- comme ca je ne monopoliserai plus les pros d'informatique de ce site pr des broutilles ( alors que d'autres galere avec des pb graves ) 
- mais je pourrais qd meme avoir un peu d'aide concernant l'uitilisation de mes logiciels et avoir qq reponses aux questions que je me pose ( afin que je fasse des progres en informatique !!! ;- )
MERCI A TOUS PR LE COUP DE MAIN ET VOTRE DISPONIBILITE !!!
C super agréable !!!

Séb08 · Answer

Ou est le rapport Blacklight ?

Qu'est ce que tu as fait pour que ca aille mieu on a encore rien vérifié...

tilou14 · Answer

ptdr !!!
Désolé, j 'ai cru que ton "oui" voulais dire que tu avais jeté un coup d'oeil au rapport de kaspersky et que tt était ok !!!
Je vais faire lancer le scan avec ce que tu m'as dit et je te me mets le rapport de suite apres sur le site !

Séb08 · Answer

Ne cré pas de nouveau topic colle le rapport ici même...

A + ;-)

tilou14 · Answer

Voici le rapport a avec blbeta :

11/16/06 22:42:25 [Info]: BlackLight Engine 1.0.47 initialized
11/16/06 22:42:25 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/16/06 22:42:28 [Note]: 7019 4
11/16/06 22:42:28 [Note]: 7005 0
11/16/06 22:42:31 [Note]: 7006 0
11/16/06 22:42:31 [Note]: 7011 1284
11/16/06 22:42:32 [Note]: 7026 0
11/16/06 22:42:32 [Note]: 7026 0
11/16/06 22:42:32 [Note]: 7024 3
11/16/06 22:42:32 [Info]: Hidden process: C:\windows\system32\alqgjzcrvo.exe
11/16/06 22:42:32 [Note]: FSRAW library version 1.7.1020
11/16/06 22:46:37 [Info]: Hidden file: c:\WINDOWS\system32\alqgjzcrvo.dat
11/16/06 22:46:37 [Note]: 10002 1
11/16/06 22:46:37 [Info]: Hidden file: C:\windows\system32\alqgjzcrvo.exe
11/16/06 22:46:37 [Note]: 10002 1
11/16/06 22:46:38 [Info]: Hidden file: c:\WINDOWS\system32\alqgjzcrvo_nav.dat
11/16/06 22:46:38 [Note]: 10002 1
11/16/06 22:46:38 [Info]: Hidden file: c:\WINDOWS\system32\alqgjzcrvo_navps.dat
11/16/06 22:46:38 [Note]: 10002 1
11/16/06 22:48:14 [Info]: Hidden file: c:\WINDOWS\Prefetch\ALQGJZCRVO.EXE-31192CCA.pf
11/16/06 22:48:14 [Note]: 10002 1
11/16/06 22:51:18 [Note]: 7007 0

Séb08 · Answer

Ok ton rapport est positif...


Télécharge Brute Force Uninstaller (de Merijn) ici: 
http://www.merijn.org/files/bfu.zip 
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. 
Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU) 

Ensuite, télécharge EGDACCESS.bfu (de Metallica) : 

Fais un clik droit ici : http://metallica.geekstogo.com/EGDACCESS.bfu et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). 

Si tu utilises Internet Explorer, assure-toi lors de la sauvegarde que le champs "Type :" affiche "Tous les fichiers". 
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- 

Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU) 
- Clique sur le petit dossier jaune, et clique sur : EGDACCESS.bfu 
- Coches la case Show log after script ends 
- Clique sur Execute pour que le fix fasse son boulot :-) 

Attends que le message Complete script execution apparaîsse et clique sur OK. 
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum. 
Clique Exit pour fermer le programme BFU. 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- 

Ensuite, lance Blacklight en double cliquant sur blbeta.exe et accepte la licence. 
Clique sur Scan pour lancer l'analyse. 
Une fois fait, selectionnes chaques fichiers trouvés et clic sur "RENAME" 
Puis valide. 
Réponds oui aux messages d'avertissements et te demandant si tu autorises le reboot du pc. 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- 

Après le reboot du pc, les fichiers :

C:\windows\system32\alqgjzcrvo.exe
c:\WINDOWS\system32\alqgjzcrvo.dat
c:\WINDOWS\system32\alqgjzcrvo_nav.dat
c:\WINDOWS\system32\alqgjzcrvo_navps.dat
c:\WINDOWS\Prefetch\ALQGJZCRVO.EXE-31192CCA.pf 

devraient être visible et pouvoir être supprimés sans aucuns soucis. 
Blacklight ne les supprimes pas, il les renommes simplement et il va falloir que tu les vires toi même: 

Va dans C:\windows\system32\ et recherches et effaces:

alqgjzcrvo.exe.ren
alqgjzcrvo.dat.ren
alqgjzcrvo_nav.dat.ren
alqgjzcrvo_navps.dat.ren

mais aussi dans c:\WINDOWS\Prefetch\ :

ALQGJZCRVO.EXE-31192CCA.pf.ren

Une fois fait, reposte le rapport de BFU que tu auras sauvegardé et un nouveau rapport de blacklight.

a+

^^Marie^^ · Answer

Salut



On continue

Télécharge Brute Force Uninstaller (de Merijn) ici: 
http://www.merijn.org/files/bfu.zip 
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. 
Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU) 

Ensuite, télécharge EGDACCESS.bfu (de Metallica) : 

Fais un clik droit ici : http://metallica.geekstogo.com/EGDACCESS.bfu et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). 

Si tu utilises Internet Explorer, assure-toi lors de la sauvegarde que le champs "Type :" affiche "Tous les fichiers". 
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- 

Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU) 
- Clique sur le petit dossier jaune, et clique sur : EGDACCESS.bfu 
- Coches la case Show log after script ends 
- Clique sur Execute pour que le fix fasse son boulot :-) 

Attends que le message Complete script execution apparaîsse et clique sur OK. 
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum. 
Clique Exit pour fermer le programme BFU. 

========================================== 


Ensuite, lance Blacklight en double cliquant sur blbeta.exe et accepte la licence. 
Clique sur Scan pour lancer l'analyse. 
Une fois fait, sélectionnes chaque fichiers trouvés et clic sur "RENAME" 
Puis valide. 
Réponds oui aux messages d'avertissements et te demandant si tu autorises le reboot du pc. 

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- 

Après le reboot du pc, les fichiers : 


c:\WINDOWS\system32\alqgjzcrvo.dat
C:\windows\system32\alqgjzcrvo.exe
c:\WINDOWS\system32\alqgjzcrvo_nav.dat
c:\WINDOWS\system32\alqgjzcrvo_navps.dat




devraient être visible et pouvoir être supprimés sans aucuns soucis. 
Blacklight ne les supprimes pas, il les renomme simplement et il va falloir que tu les vires toi-même: 
Va dans C:\windows\system32\ et recherches et effaces: 


alqgjzcrvo.dat.ren
alqgjzcrvo.exe.ren
alqgjzcrvo_nav.dat.ren
alqgjzcrvo_navps.dat.ren

c:\WINDOWS\Prefetch\ALQGJZCRVO.EXE-31192CCA.pf.ren

 
Une fois fait, reposte un rapport hijackthis et un nouveau rapport de blacklight.


A++

^^Marie^^ · Answer

LOL......................

Analyse de log demandé par 3x

15 réponses

Discussions similaires