Sujet Précédent Sujet Suivant

Hijackthis pour fenetres intempestives svp

Résolu/Fermé
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 - 15 janv. 2007 à 15:01
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 - 11 févr. 2007 à 22:32
bonjour, sur cet ordi, dont se servent mes enfants exclusivement, des fenetres s'ouvrent en cascade, genant la navigation, que puis-je y faire, VOICI UN HIJACKTHIS
Logfile of HijackThis v1.99.1
Scan saved at 14:58:22, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX11.250\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [For Rule Scr Anti] C:\Documents and Settings\All Users\Application Data\Objloveforrule\Cake up.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fragokay] C:\DOCUME~1\Marion\APPLIC~1\gpl2\Warn default logo.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
D4AVANCER MERCI DE VOTRE AIDE
A voir également:

13 réponses

Réponse 1 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
15 janv. 2007 à 15:29
Bonjour

* Télécharge Blacklight
https://europe.f-secure.com/exclude/blacklight/index.shtml
(de F-Secure)
(le premier de la page)

Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
Double-clique blbeta.exe et accepte la licence;
clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite : nous devon

et

* Télécharge LopXPMH sur ton Bureau.
http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip

* Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.
* Poste le contenu du rapport qui va s'ouvrir.

0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
19 janv. 2007 à 16:33
bonsoir, merci de ta réponse, des soucis de connexion m'ont empéché de faire tout ça avant, voici le rapport de blacklight:;
01/19/07 16:18:15 [Info]: BlackLight Engine 1.0.55 initialized
01/19/07 16:18:15 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/19/07 16:18:16 [Note]: 7019 4
01/19/07 16:18:16 [Note]: 7005 0
01/19/07 16:18:27 [Note]: 7006 0
01/19/07 16:18:27 [Note]: 7011 708
01/19/07 16:18:27 [Note]: 7026 0
01/19/07 16:18:28 [Note]: 7026 0
01/19/07 16:18:42 [Note]: FSRAW library version 1.7.1021
01/19/07 16:21:12 [Note]: 2000 1012
01/19/07 16:21:12 [Note]: 2000 1012
01/19/07 16:21:12 [Note]: 2000 1012
01/19/07 16:21:12 [Note]: 2000 1012
01/19/07 16:23:38 [Note]: 7007 0
si j'ai bien compris,aucun fichier n'a été trouvé.
Rapport fait à 16:28:07,93 le 19/01/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\All Users\Application Data

18/09/2005 17:03 <REP> .
18/09/2005 17:03 <REP> ..
02/03/2006 23:02 <REP> Adobe
18/09/2005 18:48 <REP> avg7
18/09/2005 18:48 <REP> Grisoft
14/10/2005 18:04 <REP> Macrovision
19/09/2006 19:02 <REP> Messenger Plus!
18/09/2005 17:03 <REP> Microsoft
27/12/2006 15:41 <REP> Objloveforrule
24/12/2005 16:18 <REP> Spybot - Search & Destroy
31/08/2006 16:17 <REP> Ulead Systems
02/09/2006 16:17 <REP> Windows Genuine Advantage
18/01/2006 19:04 <REP> Yahoo! Companion
18/09/2005 17:04 62 desktop.ini
1 fichier(s) 62 octets
13 R‚p(s) 8ÿ287ÿ518ÿ720 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\Default User\Application Data

18/09/2005 17:03 <REP> .
18/09/2005 17:03 <REP> ..
18/09/2005 17:03 <REP> Microsoft
18/09/2005 17:04 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 8ÿ287ÿ518ÿ720 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9
et voilà ce que me donne la deuxième manip, du chinois pour moi!!!
d'avance merci !!
0
Réponse 2 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
20 janv. 2007 à 17:13
Bonjour,

le rapport de lopxpMH n'est pas entier
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
20 janv. 2007 à 22:27
désolée je ré essaie
Rapport fait à 22:27:39,79 le 20/01/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\All Users\Application Data

18/09/2005 17:03 <REP> .
18/09/2005 17:03 <REP> ..
02/03/2006 23:02 <REP> Adobe
18/09/2005 18:48 <REP> avg7
18/09/2005 18:48 <REP> Grisoft
14/10/2005 18:04 <REP> Macrovision
19/09/2006 19:02 <REP> Messenger Plus!
18/09/2005 17:03 <REP> Microsoft
27/12/2006 15:41 <REP> Objloveforrule
24/12/2005 16:18 <REP> Spybot - Search & Destroy
31/08/2006 16:17 <REP> Ulead Systems
02/09/2006 16:17 <REP> Windows Genuine Advantage
18/01/2006 19:04 <REP> Yahoo! Companion
18/09/2005 17:04 62 desktop.ini
1 fichier(s) 62 octets
13 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\Default User\Application Data

18/09/2005 17:03 <REP> .
18/09/2005 17:03 <REP> ..
18/09/2005 17:03 <REP> Microsoft
18/09/2005 17:04 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

18/09/2005 17:04 <REP> .
18/09/2005 17:04 <REP> ..
0 fichier(s) 0 octets
2 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\LocalService\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
18/09/2005 18:48 <REP> AVG7
18/09/2005 15:42 <REP> Microsoft
30/10/2005 12:42 <REP> Webroot
0 fichier(s) 0 octets
5 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
18/09/2005 15:42 <REP> Microsoft
24/03/2006 10:50 65ÿ064 GDIPFONTCACHEV1.DAT
1 fichier(s) 65ÿ064 octets
3 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\Marion\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
02/03/2006 18:34 <REP> Adobe
02/03/2006 23:04 <REP> AdobeUM
18/09/2005 18:48 <REP> AVG7
16/10/2005 09:04 <REP> BVS Solitaire Collection
20/11/2005 15:36 <REP> dvdcss
04/12/2005 18:44 <REP> FotoWire
04/07/2006 11:56 <REP> gpl2
22/10/2005 22:06 <REP> Help
18/09/2005 15:43 <REP> Identities
26/07/2006 09:35 <REP> Lavasoft
28/10/2005 18:08 <REP> Macromedia
10/04/2006 17:31 <REP> Media Player Classic
18/09/2005 15:42 <REP> Microsoft
10/01/2006 16:47 <REP> Mozilla
08/03/2006 18:03 <REP> Real
02/11/2005 15:41 <REP> Sun
24/11/2006 20:18 <REP> Talkback
20/11/2005 15:43 <REP> vlc
18/09/2005 15:42 62 desktop.ini
1 fichier(s) 62 octets
20 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\Marion\Local Settings\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
17/03/2006 19:17 <REP> Adobe
31/08/2006 09:40 <REP> Ahead
15/01/2007 17:27 <REP> ApplicationHistory
22/10/2005 22:06 <REP> Help
29/10/2005 18:39 <REP> Identities
04/12/2005 18:47 <REP> Logitech-LS
18/09/2005 15:42 <REP> Microsoft
24/11/2006 20:18 <REP> Mozilla
06/04/2006 17:19 4ÿ608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
15/01/2007 17:27 129 fusioncache.dat
18/09/2005 18:40 76ÿ824 GDIPFONTCACHEV1.DAT
08/03/2006 20:54 4ÿ315ÿ640 IconCache.db
4 fichier(s) 4ÿ397ÿ201 octets
10 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
18/09/2005 19:25 <REP> AVG7
18/09/2005 15:42 <REP> Microsoft
31/10/2005 09:03 <REP> Webroot
0 fichier(s) 0 octets
5 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

18/09/2005 15:42 <REP> .
18/09/2005 15:42 <REP> ..
18/09/2005 15:42 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

18/09/2005 15:41 <REP> .
18/09/2005 15:41 <REP> ..
18/09/2005 15:41 <REP> Microsoft
18/09/2005 15:41 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

18/09/2005 15:41 <REP> .
18/09/2005 15:41 <REP> ..
0 fichier(s) 0 octets
2 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\WINDOWS\Tasks

27/12/2006 15:41 262 A96FA53C90E85F4C.job
18/09/2005 15:42 6 SA.DAT
18/09/2005 15:13 65 desktop.ini
18/09/2005 15:13 <REP> ..
18/09/2005 15:13 <REP> .
3 fichier(s) 333 octets
2 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres

******************************************
## Répertoires de Program files

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\Program Files

20/01/2007 22:25 <REP> .
20/01/2007 22:25 <REP> ..
02/03/2006 23:03 <REP> Adobe
27/12/2006 15:40 <REP> Adverts
14/10/2005 15:02 <REP> Ahead
27/08/2006 17:38 <REP> a-squared Anti-Malware
11/11/2005 22:36 <REP> BoontyGames
23/07/2006 10:32 <REP> CCleaner
30/10/2005 12:53 <REP> CleanUp!
18/09/2005 15:11 <REP> ComPlus Applications
20/01/2007 20:34 <REP> eMule
21/03/2006 08:13 <REP> Every Toolbar 1.1
18/08/2006 12:19 <REP> ewido anti-malware
08/03/2006 18:19 <REP> Fichiers communs
22/12/2005 22:13 <REP> Free.fr
15/01/2006 22:20 <REP> Frozen-Bubble
23/09/2006 17:02 <REP> Google
27/12/2006 15:40 <REP> gpl2
18/09/2005 18:48 <REP> Grisoft
18/09/2005 17:55 <REP> Hercules Technologies
30/11/2005 22:46 <REP> InterActual
15/01/2007 17:18 <REP> Internet Explorer
01/11/2005 14:39 <REP> Java
10/04/2006 17:16 <REP> K-Lite Codec Pack
26/07/2006 09:35 <REP> Lavasoft
18/01/2006 13:30 <REP> Little Big Adventure 2
04/12/2005 18:44 <REP> Logitech
24/02/2006 13:32 <REP> Mattel Interactive
04/07/2006 18:28 <REP> Messenger Plus! Live
18/09/2005 16:06 <REP> Microsoft Office
23/12/2006 19:05 <REP> Microsoft Picture It! PhotoPub
18/09/2005 16:06 <REP> Microsoft Visual Studio
18/09/2005 16:06 <REP> Microsoft Works
19/03/2006 18:28 <REP> Midas Interactive
20/01/2007 20:37 <REP> Mozilla Firefox
25/12/2005 11:30 <REP> MP3 Player Utilities
08/01/2006 00:05 <REP> MSN Apps
26/05/2006 12:41 <REP> MSN Games
27/12/2006 15:40 <REP> MSN Messenger
18/09/2005 15:13 <REP> NetMeeting
18/09/2005 15:23 <REP> Outlook Express
10/09/2006 17:13 <REP> PhotoFiltre
08/03/2006 18:05 <REP> Real
18/09/2005 15:13 <REP> Services en ligne
31/07/2006 18:55 <REP> Sierra On-Line
14/10/2005 18:04 <REP> Solitaire Plus
25/11/2006 08:16 <REP> Sonnerie Toolbar
24/12/2005 16:28 <REP> Spybot - Search & Destroy
16/02/2006 12:01 <REP> trackmania
31/08/2006 16:13 <REP> Ulead Systems
20/11/2005 15:35 <REP> VideoLAN
20/11/2005 15:27 <REP> Webteh
24/04/2006 13:09 <REP> Windows Media Player
18/09/2005 15:10 <REP> Windows NT
18/09/2005 16:02 <REP> WinRAR
10/11/2005 18:14 <REP> Wordox2
17/01/2006 17:58 <REP> Yahoo!
0 fichier(s) 0 octets
57 R‚p(s) 8ÿ262ÿ336ÿ512 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
dns-look-up.com REG_SZ
www.dns-look-up.com REG_SZ
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ
*.email.tele2internet.fr REG_BINARY
actionssolidaires.msn.fr REG_BINARY
philosophons.free.fr REG_BINARY
www.devoir-de-philosophie.com REG_BINARY

* Mozilla Firefox (1 autorisé 2 interdit)

******************************************
## Registre

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
For Rule Scr Anti REG_SZ C:\Documents and Settings\All Users\Application Data\Objloveforrule\Cake up.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Fragokay REG_SZ C:\DOCUME~1\Marion\APPLIC~1\gpl2\Warn default logo.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\WINDOWS

Le volume dans le lecteur C s'appelle System
Le num‚ro de s‚rie du volume est 14AC-FDE9

R‚pertoire de C:\WINDOWS


*************** Fin du rapport ****************
voilà, merci
0
Réponse 3 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
20 janv. 2007 à 22:54
bonsoir

ok, c'est bon cette fois, je te prépare les manips, réponse dans un moment
0
Réponse 4 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
20 janv. 2007 à 23:09
voici

* désinstalle les sponsors de MESSENGERPLUS3 via ajout et suppression de programmes.


Note comment démarrer en mode sans échec
http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20020905112131924


1* Télécharge : - CCleaner
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

* Crée un nouveau document texte :

clic droit de souris sur le bureau, "Nouveau"> "Document Texte".

Ouvre-le et copie-colle dedans de ce qui est en citation ci-dessous, (copie tout d'un trait) :


REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Objloveforrule"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fragokay"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gpl2"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow]
"dns-look-up.com REG_SZ
www.dns-look-up.com REG_SZ
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ
"=-


Puis "fichier"/"enregistrer sous" :
dans : sur le bureau
Nom du fichier : reglop.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

*****Copie ce qui suit dans un fichier texte et redémarre en mode sans échec (choisis ta session habituelle, pas le compte "Administrateur" ou autre)*****


/ désinstalle via "Ajout/Suppression de programmes", si tu trouves :
(si l'un de ces programmes ne figure pas dans la liste ajout/suppression de programmes, recherche un fichier "uninstall..." dans un répertoire du même nom, dans C:\Program Files et exécute-le)

Objloveforrule
Fragokay
gpl2

/ Assure toi d'avoir accès aux dossiers/fichiers cachés :

Ouvrir un dossier, n'importe lequel. Aller dans :
Outils/Options des dossiers/Affichage et
- cocher "afficher les dossiers et fichiers cachés",
- décocher "masquer les extensions des fichiers dont le type est connu".
- décocher masquer les fichiers protégés du système d'exploitation (recommandé)"
"appliquer" et "ok"


/ recherche et supprime ces dossiers ou fichiers, si tu les trouves :

C:\DOCUMENTS & SETTINGS\Marion\APPLICATION DATA\gpl2
C:\ProgramFiles\Adverts
C:\Documents and Settings\All Users\Application Data\Objloveforrule
C:\Program Files\gpl2
c:\Program Files\Objloveforrule

/ démarrer/exécuter, tape cmd et valide par entrée. Colle la ligne suivante dans la fenêtre noire qui s'ouvre : 

  del /a C:\WINDOWS\Tasks\A96FA53C90E85F4C.job



valide par entrée, puis ferme la fenêtre de commande.

/ double clique sur reglop.reg => tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"

/ Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

*Redémarre normalement et poste un nouveau rapport HijackThis, toutes fenêtres et applications fermées. Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
24 janv. 2007 à 09:28
bonjour, j'ai fait ce que tu m'as dit, mais, pour le dossier.reg, il y a eu une fenetre d'erreur disant que seul les dossier créés dans reg pouvaient être pris en compte?
et pour les dossiers que tu m'as demandé de supprimer manuellement je n'en ai trouvé aucun! je te poste un hitjack this
merci de ton aide
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
24 janv. 2007 à 09:36
voici le nouveau rapport hijackthis, je n'ai pas pu faire toutes les manip le dossier .reg n'a pas fonctionné
et les dossiers à supprimer manuellement, je ne les ai pas trouvés!
Logfile of HijackThis v1.99.1
Scan saved at 09:32:54, on 24/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX00.913\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

merci de ton aide
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
24 janv. 2007 à 12:13
Bonjour,

lance hijackthis, coche et fixe ces lignes :

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

comment se comporte ton pc maintenant ? encore des problèmes ?
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
26 janv. 2007 à 16:51
c'est fait, merci, il semble que le problème soit résolu!
merci pour ta patience ;) :)
0
Réponse 6 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
28 janv. 2007 à 16:18
Bonjour,

reposte quand même un nouveau rapport hijackthis pour vérif
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
1 févr. 2007 à 22:37
merci je ne suis pas chez moi cz soir, je fais ça demain
bonne soirée
0
Réponse 7 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
1 févr. 2007 à 23:18
bonsoir,

de toutes façons de gros soucis de connexion à CCM ce soir
0
Réponse 8 / 13
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
4 févr. 2007 à 08:51
bonjour, et encore merci, le problème semble résolu. je poste ici l'hijackthis demandé, et te souhaite une bonne journée
Logfile of HijackThis v1.99.1
Scan saved at 08:47:40, on 04/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX00.136\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

encore merci!!
0
Réponse 9 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
4 févr. 2007 à 18:20
bonsoir,*

relance quand même hijackthis coche et fixe cette ligne

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000

0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
5 févr. 2007 à 20:46
voilà, c'est fait, j'ai refait un hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 20:43:57, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX06.167\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

merci 1000 fois de ton aide!!
0
Réponse 10 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
5 févr. 2007 à 20:53
bonsoir,

y a une ligne qui ne me plait pas du tout, tu peux faire ceci pour vérif stp, mais je fais peut être fausse route

* Télécharge Blacklight
https://europe.f-secure.com/exclude/blacklight/index.shtml
(de F-Secure)
(le premier de la page)

Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
Double-clique blbeta.exe et accepte la licence;
clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport,
car des fichiers légitimes peuvent être présents, tel wbemtest.exe
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
5 févr. 2007 à 23:15
bonsoir,
blcklight me dit no hiden found et voici le rapport
02/05/07 23:10:21 [Info]: BlackLight Engine 1.0.55 initialized
02/05/07 23:10:21 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/05/07 23:10:22 [Note]: 7019 4
02/05/07 23:10:22 [Note]: 7005 0
02/05/07 23:10:48 [Note]: 7006 0
02/05/07 23:10:48 [Note]: 7011 1268
02/05/07 23:10:49 [Note]: 7026 0
02/05/07 23:10:49 [Note]: 7026 0
02/05/07 23:11:04 [Note]: FSRAW library version 1.7.1021
02/05/07 23:13:33 [Note]: 2000 1012
02/05/07 23:13:33 [Note]: 2000 1012
02/05/07 23:13:33 [Note]: 2000 1012
02/05/07 23:13:33 [Note]: 2000 1012
02/05/07 23:14:22 [Note]: 7007 0
dois je faire autre chose? merci bonne nuit ;)
0
Réponse 11 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
5 févr. 2007 à 23:17
ok c'est bon

mais relance tout de même hijackthis coche et fixe cette ligne

O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
6 févr. 2007 à 12:08
bonjour, merci, voilà qui est fait, et voici le dernier hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 12:08:13, on 06/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX06.098\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

merci beaucoup de ton aide! bonne journée
0
Réponse 12 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
6 févr. 2007 à 22:08
bonsoir,

ton rapport est propre. Plus de soucis ?
0
kiowanaïs Messages postés 644 Date d'inscription lundi 11 avril 2005 Statut Membre Dernière intervention 22 novembre 2021 1
11 févr. 2007 à 20:45
:D non, c'est bon, plusde souci, merci beaucoup de ton aide!!
0
Réponse 13 / 13
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
11 févr. 2007 à 22:32
bonsoir,

Bonne nouvelle donc, un peu de lecture ici
securite proteger un ordinateur contre les malwares d internet

0

Discussions similaires

Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses
comment activer les fenètre pop-up
zipou -
Tif -

14 réponses
Problème de zoom sur Google Docs
o_soonia -
Alt -

6 réponses