Hijackthis pour fenetres intempestives svp

Résolu
kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   -  
philae83 Messages postés 12854 Statut Contributeur sécurité -
bonjour, sur cet ordi, dont se servent mes enfants exclusivement, des fenetres s'ouvrent en cascade, genant la navigation, que puis-je y faire, VOICI UN HIJACKTHIS
Logfile of HijackThis v1.99.1
Scan saved at 14:58:22, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX11.250\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [For Rule Scr Anti] C:\Documents and Settings\All Users\Application Data\Objloveforrule\Cake up.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fragokay] C:\DOCUME~1\Marion\APPLIC~1\gpl2\Warn default logo.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
D4AVANCER MERCI DE VOTRE AIDE

--
je n'suis pas à moitié aussi sérieuse que j'en ai l'air quand je ne suis pas sérieuse!
Configuration: Windows XP
Internet Explorer 6.0

13 réponses

  1. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour

    * Télécharge Blacklight
    https://europe.f-secure.com/exclude/blacklight/index.shtml
    (de F-Secure)
    (le premier de la page)

    Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
    Double-clique blbeta.exe et accepte la licence;
    clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
    sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

    Copie et colle le contenu de ce rapport dans ta prochaine réponse.
    NE PAS choisir l'option "Rename" de suite : nous devon

    et

    * Télécharge LopXPMH sur ton Bureau.
    http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip

    * Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.
    * Poste le contenu du rapport qui va s'ouvrir.

    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      bonsoir, merci de ta réponse, des soucis de connexion m'ont empéché de faire tout ça avant, voici le rapport de blacklight:;
      01/19/07 16:18:15 [Info]: BlackLight Engine 1.0.55 initialized
      01/19/07 16:18:15 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      01/19/07 16:18:16 [Note]: 7019 4
      01/19/07 16:18:16 [Note]: 7005 0
      01/19/07 16:18:27 [Note]: 7006 0
      01/19/07 16:18:27 [Note]: 7011 708
      01/19/07 16:18:27 [Note]: 7026 0
      01/19/07 16:18:28 [Note]: 7026 0
      01/19/07 16:18:42 [Note]: FSRAW library version 1.7.1021
      01/19/07 16:21:12 [Note]: 2000 1012
      01/19/07 16:21:12 [Note]: 2000 1012
      01/19/07 16:21:12 [Note]: 2000 1012
      01/19/07 16:21:12 [Note]: 2000 1012
      01/19/07 16:23:38 [Note]: 7007 0
      si j'ai bien compris,aucun fichier n'a été trouvé.
      Rapport fait à 16:28:07,93 le 19/01/2007

      ******************************************
      ## Répertoires Application Data

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\All Users\Application Data

      18/09/2005 17:03 <REP> .
      18/09/2005 17:03 <REP> ..
      02/03/2006 23:02 <REP> Adobe
      18/09/2005 18:48 <REP> avg7
      18/09/2005 18:48 <REP> Grisoft
      14/10/2005 18:04 <REP> Macrovision
      19/09/2006 19:02 <REP> Messenger Plus!
      18/09/2005 17:03 <REP> Microsoft
      27/12/2006 15:41 <REP> Objloveforrule
      24/12/2005 16:18 <REP> Spybot - Search & Destroy
      31/08/2006 16:17 <REP> Ulead Systems
      02/09/2006 16:17 <REP> Windows Genuine Advantage
      18/01/2006 19:04 <REP> Yahoo! Companion
      18/09/2005 17:04 62 desktop.ini
      1 fichier(s) 62 octets
      13 R‚p(s) 8ÿ287ÿ518ÿ720 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\Default User\Application Data

      18/09/2005 17:03 <REP> .
      18/09/2005 17:03 <REP> ..
      18/09/2005 17:03 <REP> Microsoft
      18/09/2005 17:04 62 desktop.ini
      1 fichier(s) 62 octets
      3 R‚p(s) 8ÿ287ÿ518ÿ720 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9
      et voilà ce que me donne la deuxième manip, du chinois pour moi!!!
      d'avance merci !!
      0
  2. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    le rapport de lopxpMH n'est pas entier
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      désolée je ré essaie
      Rapport fait à 22:27:39,79 le 20/01/2007

      ******************************************
      ## Répertoires Application Data

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\All Users\Application Data

      18/09/2005 17:03 <REP> .
      18/09/2005 17:03 <REP> ..
      02/03/2006 23:02 <REP> Adobe
      18/09/2005 18:48 <REP> avg7
      18/09/2005 18:48 <REP> Grisoft
      14/10/2005 18:04 <REP> Macrovision
      19/09/2006 19:02 <REP> Messenger Plus!
      18/09/2005 17:03 <REP> Microsoft
      27/12/2006 15:41 <REP> Objloveforrule
      24/12/2005 16:18 <REP> Spybot - Search & Destroy
      31/08/2006 16:17 <REP> Ulead Systems
      02/09/2006 16:17 <REP> Windows Genuine Advantage
      18/01/2006 19:04 <REP> Yahoo! Companion
      18/09/2005 17:04 62 desktop.ini
      1 fichier(s) 62 octets
      13 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\Default User\Application Data

      18/09/2005 17:03 <REP> .
      18/09/2005 17:03 <REP> ..
      18/09/2005 17:03 <REP> Microsoft
      18/09/2005 17:04 62 desktop.ini
      1 fichier(s) 62 octets
      3 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

      18/09/2005 17:04 <REP> .
      18/09/2005 17:04 <REP> ..
      0 fichier(s) 0 octets
      2 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\LocalService\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      18/09/2005 18:48 <REP> AVG7
      18/09/2005 15:42 <REP> Microsoft
      30/10/2005 12:42 <REP> Webroot
      0 fichier(s) 0 octets
      5 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      18/09/2005 15:42 <REP> Microsoft
      24/03/2006 10:50 65ÿ064 GDIPFONTCACHEV1.DAT
      1 fichier(s) 65ÿ064 octets
      3 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\Marion\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      02/03/2006 18:34 <REP> Adobe
      02/03/2006 23:04 <REP> AdobeUM
      18/09/2005 18:48 <REP> AVG7
      16/10/2005 09:04 <REP> BVS Solitaire Collection
      20/11/2005 15:36 <REP> dvdcss
      04/12/2005 18:44 <REP> FotoWire
      04/07/2006 11:56 <REP> gpl2
      22/10/2005 22:06 <REP> Help
      18/09/2005 15:43 <REP> Identities
      26/07/2006 09:35 <REP> Lavasoft
      28/10/2005 18:08 <REP> Macromedia
      10/04/2006 17:31 <REP> Media Player Classic
      18/09/2005 15:42 <REP> Microsoft
      10/01/2006 16:47 <REP> Mozilla
      08/03/2006 18:03 <REP> Real
      02/11/2005 15:41 <REP> Sun
      24/11/2006 20:18 <REP> Talkback
      20/11/2005 15:43 <REP> vlc
      18/09/2005 15:42 62 desktop.ini
      1 fichier(s) 62 octets
      20 R‚p(s) 8ÿ262ÿ344ÿ704 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\Marion\Local Settings\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      17/03/2006 19:17 <REP> Adobe
      31/08/2006 09:40 <REP> Ahead
      15/01/2007 17:27 <REP> ApplicationHistory
      22/10/2005 22:06 <REP> Help
      29/10/2005 18:39 <REP> Identities
      04/12/2005 18:47 <REP> Logitech-LS
      18/09/2005 15:42 <REP> Microsoft
      24/11/2006 20:18 <REP> Mozilla
      06/04/2006 17:19 4ÿ608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      15/01/2007 17:27 129 fusioncache.dat
      18/09/2005 18:40 76ÿ824 GDIPFONTCACHEV1.DAT
      08/03/2006 20:54 4ÿ315ÿ640 IconCache.db
      4 fichier(s) 4ÿ397ÿ201 octets
      10 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      18/09/2005 19:25 <REP> AVG7
      18/09/2005 15:42 <REP> Microsoft
      31/10/2005 09:03 <REP> Webroot
      0 fichier(s) 0 octets
      5 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

      18/09/2005 15:42 <REP> .
      18/09/2005 15:42 <REP> ..
      18/09/2005 15:42 <REP> Microsoft
      0 fichier(s) 0 octets
      3 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

      18/09/2005 15:41 <REP> .
      18/09/2005 15:41 <REP> ..
      18/09/2005 15:41 <REP> Microsoft
      18/09/2005 15:41 62 desktop.ini
      1 fichier(s) 62 octets
      3 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres
      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

      18/09/2005 15:41 <REP> .
      18/09/2005 15:41 <REP> ..
      0 fichier(s) 0 octets
      2 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres

      ******************************************
      Recherche des taches planifiées dans C:\WINDOWS\tasks

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\WINDOWS\Tasks

      27/12/2006 15:41 262 A96FA53C90E85F4C.job
      18/09/2005 15:42 6 SA.DAT
      18/09/2005 15:13 65 desktop.ini
      18/09/2005 15:13 <REP> ..
      18/09/2005 15:13 <REP> .
      3 fichier(s) 333 octets
      2 R‚p(s) 8ÿ262ÿ340ÿ608 octets libres

      ******************************************
      ## Répertoires de Program files

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\Program Files

      20/01/2007 22:25 <REP> .
      20/01/2007 22:25 <REP> ..
      02/03/2006 23:03 <REP> Adobe
      27/12/2006 15:40 <REP> Adverts
      14/10/2005 15:02 <REP> Ahead
      27/08/2006 17:38 <REP> a-squared Anti-Malware
      11/11/2005 22:36 <REP> BoontyGames
      23/07/2006 10:32 <REP> CCleaner
      30/10/2005 12:53 <REP> CleanUp!
      18/09/2005 15:11 <REP> ComPlus Applications
      20/01/2007 20:34 <REP> eMule
      21/03/2006 08:13 <REP> Every Toolbar 1.1
      18/08/2006 12:19 <REP> ewido anti-malware
      08/03/2006 18:19 <REP> Fichiers communs
      22/12/2005 22:13 <REP> Free.fr
      15/01/2006 22:20 <REP> Frozen-Bubble
      23/09/2006 17:02 <REP> Google
      27/12/2006 15:40 <REP> gpl2
      18/09/2005 18:48 <REP> Grisoft
      18/09/2005 17:55 <REP> Hercules Technologies
      30/11/2005 22:46 <REP> InterActual
      15/01/2007 17:18 <REP> Internet Explorer
      01/11/2005 14:39 <REP> Java
      10/04/2006 17:16 <REP> K-Lite Codec Pack
      26/07/2006 09:35 <REP> Lavasoft
      18/01/2006 13:30 <REP> Little Big Adventure 2
      04/12/2005 18:44 <REP> Logitech
      24/02/2006 13:32 <REP> Mattel Interactive
      04/07/2006 18:28 <REP> Messenger Plus! Live
      18/09/2005 16:06 <REP> Microsoft Office
      23/12/2006 19:05 <REP> Microsoft Picture It! PhotoPub
      18/09/2005 16:06 <REP> Microsoft Visual Studio
      18/09/2005 16:06 <REP> Microsoft Works
      19/03/2006 18:28 <REP> Midas Interactive
      20/01/2007 20:37 <REP> Mozilla Firefox
      25/12/2005 11:30 <REP> MP3 Player Utilities
      08/01/2006 00:05 <REP> MSN Apps
      26/05/2006 12:41 <REP> MSN Games
      27/12/2006 15:40 <REP> MSN Messenger
      18/09/2005 15:13 <REP> NetMeeting
      18/09/2005 15:23 <REP> Outlook Express
      10/09/2006 17:13 <REP> PhotoFiltre
      08/03/2006 18:05 <REP> Real
      18/09/2005 15:13 <REP> Services en ligne
      31/07/2006 18:55 <REP> Sierra On-Line
      14/10/2005 18:04 <REP> Solitaire Plus
      25/11/2006 08:16 <REP> Sonnerie Toolbar
      24/12/2005 16:28 <REP> Spybot - Search & Destroy
      16/02/2006 12:01 <REP> trackmania
      31/08/2006 16:13 <REP> Ulead Systems
      20/11/2005 15:35 <REP> VideoLAN
      20/11/2005 15:27 <REP> Webteh
      24/04/2006 13:09 <REP> Windows Media Player
      18/09/2005 15:10 <REP> Windows NT
      18/09/2005 16:02 <REP> WinRAR
      10/11/2005 18:14 <REP> Wordox2
      17/01/2006 17:58 <REP> Yahoo!
      0 fichier(s) 0 octets
      57 R‚p(s) 8ÿ262ÿ336ÿ512 octets libres

      ******************************************
      ## Popups autorisées

      * Internet Explorer

      ! REG.EXE VERSION 3.0

      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
      dns-look-up.com REG_SZ
      www.dns-look-up.com REG_SZ
      mysearchnow.com REG_SZ
      www.mysearchnow.com REG_SZ
      *.email.tele2internet.fr REG_BINARY
      actionssolidaires.msn.fr REG_BINARY
      philosophons.free.fr REG_BINARY
      www.devoir-de-philosophie.com REG_BINARY

      * Mozilla Firefox (1 autorisé 2 interdit)

      ******************************************
      ## Registre

      * [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      For Rule Scr Anti REG_SZ C:\Documents and Settings\All Users\Application Data\Objloveforrule\Cake up.exe

      * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      Fragokay REG_SZ C:\DOCUME~1\Marion\APPLIC~1\gpl2\Warn default logo.exe

      ******************************************
      ## Zones de sécurité

      * HKCU Domains (4)

      * P3P History (5)

      ******************************************
      ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\WINDOWS

      Le volume dans le lecteur C s'appelle System
      Le num‚ro de s‚rie du volume est 14AC-FDE9

      R‚pertoire de C:\WINDOWS


      *************** Fin du rapport ****************
      voilà, merci
      0
  3. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir

    ok, c'est bon cette fois, je te prépare les manips, réponse dans un moment
    0
  4. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    voici

    * désinstalle les sponsors de MESSENGERPLUS3 via ajout et suppression de programmes.

    Note comment démarrer en mode sans échec
    http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20020905112131924

    1* Télécharge : - CCleaner
    http://www.filehippo.com/download_ccleaner.html
    ("Download Latest Version", sur la droite). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

    * Crée un nouveau document texte :

    clic droit de souris sur le bureau, "Nouveau"> "Document Texte".

    Ouvre-le et copie-colle dedans de ce qui est en citation ci-dessous, (copie tout d'un trait) :

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Objloveforrule"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Fragokay"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "gpl2"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow]
    "dns-look-up.com REG_SZ
    www.dns-look-up.com REG_SZ
    mysearchnow.com REG_SZ
    www.mysearchnow.com REG_SZ
    "=-


    Puis "fichier"/"enregistrer sous" :
    dans : sur le bureau
    Nom du fichier : reglop.reg
    Type de fichier : "tous les fichiers"
    clique sur "enregistrer"

    *****Copie ce qui suit dans un fichier texte et redémarre en mode sans échec (choisis ta session habituelle, pas le compte "Administrateur" ou autre)*****


    / désinstalle via "Ajout/Suppression de programmes", si tu trouves :
    (si l'un de ces programmes ne figure pas dans la liste ajout/suppression de programmes, recherche un fichier "uninstall..." dans un répertoire du même nom, dans C:\Program Files et exécute-le)

    Objloveforrule
    Fragokay
    gpl2

    / Assure toi d'avoir accès aux dossiers/fichiers cachés :

    Ouvrir un dossier, n'importe lequel. Aller dans :
    Outils/Options des dossiers/Affichage et
    - cocher "afficher les dossiers et fichiers cachés",
    - décocher "masquer les extensions des fichiers dont le type est connu".
    - décocher masquer les fichiers protégés du système d'exploitation (recommandé)"
    "appliquer" et "ok"

    / recherche et supprime ces dossiers ou fichiers, si tu les trouves :

    C:\DOCUMENTS & SETTINGS\Marion\APPLICATION DATA\gpl2
    C:\ProgramFiles\Adverts
    C:\Documents and Settings\All Users\Application Data\Objloveforrule
    C:\Program Files\gpl2
    c:\Program Files\Objloveforrule

    / démarrer/exécuter, tape cmd et valide par entrée. Colle la ligne suivante dans la fenêtre noire qui s'ouvre :

      del /a C:\WINDOWS\Tasks\A96FA53C90E85F4C.job 


    valide par entrée, puis ferme la fenêtre de commande.

    / double clique sur reglop.reg => tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
    Si c'est bien le cas, clique sur "oui"

    / Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

    *Redémarre normalement et poste un nouveau rapport HijackThis, toutes fenêtres et applications fermées. Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      bonjour, j'ai fait ce que tu m'as dit, mais, pour le dossier.reg, il y a eu une fenetre d'erreur disant que seul les dossier créés dans reg pouvaient être pris en compte?
      et pour les dossiers que tu m'as demandé de supprimer manuellement je n'en ai trouvé aucun! je te poste un hitjack this
      merci de ton aide
      0
    2. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      voici le nouveau rapport hijackthis, je n'ai pas pu faire toutes les manip le dossier .reg n'a pas fonctionné
      et les dossiers à supprimer manuellement, je ne les ai pas trouvés!
      Logfile of HijackThis v1.99.1
      Scan saved at 09:32:54, on 24/01/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\eMule\emule.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\WinRAR\WinRAR.exe
      C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX00.913\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
      O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
      O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
      O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

      merci de ton aide
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    lance hijackthis, coche et fixe ces lignes :

    R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
    O18 - Protocol: bw+0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    comment se comporte ton pc maintenant ? encore des problèmes ?
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      c'est fait, merci, il semble que le problème soit résolu!
      merci pour ta patience ;) :)
      0
  7. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    reposte quand même un nouveau rapport hijackthis pour vérif
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      merci je ne suis pas chez moi cz soir, je fais ça demain
      bonne soirée
      0
  8. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    de toutes façons de gros soucis de connexion à CCM ce soir
    0
  9. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
     
    bonjour, et encore merci, le problème semble résolu. je poste ici l'hijackthis demandé, et te souhaite une bonne journée
    Logfile of HijackThis v1.99.1
    Scan saved at 08:47:40, on 04/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\eMule\emule.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX00.136\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

    encore merci!!
    0
  10. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,*

    relance quand même hijackthis coche et fixe cette ligne

    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000

    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      voilà, c'est fait, j'ai refait un hijackthis:
      Logfile of HijackThis v1.99.1
      Scan saved at 20:43:57, on 05/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\eMule\emule.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\WinRAR\WinRAR.exe
      C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX06.167\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

      merci 1000 fois de ton aide!!
      0
  11. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    y a une ligne qui ne me plait pas du tout, tu peux faire ceci pour vérif stp, mais je fais peut être fausse route

    * Télécharge Blacklight
    https://europe.f-secure.com/exclude/blacklight/index.shtml
    (de F-Secure)
    (le premier de la page)

    Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
    Double-clique blbeta.exe et accepte la licence;
    clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
    sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

    Copie et colle le contenu de ce rapport dans ta prochaine réponse.
    NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport,
    car des fichiers légitimes peuvent être présents, tel wbemtest.exe
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      bonsoir,
      blcklight me dit no hiden found et voici le rapport
      02/05/07 23:10:21 [Info]: BlackLight Engine 1.0.55 initialized
      02/05/07 23:10:21 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      02/05/07 23:10:22 [Note]: 7019 4
      02/05/07 23:10:22 [Note]: 7005 0
      02/05/07 23:10:48 [Note]: 7006 0
      02/05/07 23:10:48 [Note]: 7011 1268
      02/05/07 23:10:49 [Note]: 7026 0
      02/05/07 23:10:49 [Note]: 7026 0
      02/05/07 23:11:04 [Note]: FSRAW library version 1.7.1021
      02/05/07 23:13:33 [Note]: 2000 1012
      02/05/07 23:13:33 [Note]: 2000 1012
      02/05/07 23:13:33 [Note]: 2000 1012
      02/05/07 23:13:33 [Note]: 2000 1012
      02/05/07 23:14:22 [Note]: 7007 0
      dois je faire autre chose? merci bonne nuit ;)
      0
  12. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    ok c'est bon

    mais relance tout de même hijackthis coche et fixe cette ligne

    O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      bonjour, merci, voilà qui est fait, et voici le dernier hijackthis
      Logfile of HijackThis v1.99.1
      Scan saved at 12:08:13, on 06/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\eMule\emule.exe
      C:\Program Files\WinRAR\WinRAR.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\DOCUME~1\Marion\LOCALS~1\Temp\Rar$EX06.098\HijackThis.exe
      C:\WINDOWS\system32\NOTEPAD.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B2486A2D-18BA-4DA4-87F9-7DB5A18FE436}: NameServer = 212.27.32.176,212.27.32.177
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: offline-8876480 - {3067060B-9B57-4EAD-B8A7-E1D156DD12BF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

      merci beaucoup de ton aide! bonne journée
      0
  13. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    ton rapport est propre. Plus de soucis ?
    0
    1. kiowanaïs Messages postés 642 Date d'inscription   Statut Membre Dernière intervention   1
       
      :D non, c'est bon, plusde souci, merci beaucoup de ton aide!!
      0
  14. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    Bonne nouvelle donc, un peu de lecture ici
    securite proteger un ordinateur contre les malwares d internet

    0