pub intempestives (comme beaucoup)!!!! Résolu

Question

Bonjour,

commme beaucoup  depuis quelques temps, je suis envahie  par de publicités non souhaitées dès que j'ouvre internet explorer.  

J'ai regardé dans le forum et beaucoup de choses sont un vrai chariabia pour moi; apparement la solution est vraiment individuelle. 

est-ce que quelqu'un peut m'indiquer pas à pas  ce que je dois faire car  je n'y comprends pas grand choses. 

merci d'avance car cela devient très fatigant .

Utilisateur anonyme · Answer

Bonjour


Fais ceci pour commencer.



Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.
https://www.f-secure.com/en
Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres)

Copie et colle le contenu de ce rapport dans ta prochaine réponse. 



Télécharge HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

Fais un scan et poste l'analyse ici.

vinceric · Answer

tout d'abord merci pour la rpidité de ta réponse 

alors voici le rapport de secure blakclight

02/10/07 13:50:09 [Info]: BlackLight Engine 1.0.55 initialized
02/10/07 13:50:09 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/10/07 13:50:09 [Note]: 7019 4
02/10/07 13:50:09 [Note]: 7005 0
02/10/07 13:50:15 [Note]: 7006 0
02/10/07 13:50:15 [Note]: 7011 2436
02/10/07 13:50:15 [Note]: 7026 0
02/10/07 13:50:15 [Note]: 7026 0
02/10/07 13:50:18 [Note]: FSRAW library version 1.7.1021

et voici le deuxième que tu m'as demandé (géniale la tutorielle pour ce qui ne connaisses rien ):


Logfile of HijackThis v1.99.1
Scan saved at 13:59:09, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\MIC\HAWAII\Hawaii.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\Powercinema\PCMService.exe
C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\OpiStat\OpiStat\OpiStat.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVComS.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [MM_MODULE] C:\Program Files\MIC\HAWAII\Hawaii.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dumb about one heck] D:\Documents and Settings\All Users\Application Data\The Anti Dumb About\Online Idol.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - HKCU\..\Run: [Save Trust] D:\DOCUME~1\Virginie\APPLIC~1\ANTEMAGS\Support Media Manager.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

zBr · Answer

Salut  vinceric 

En attendant le retour de chercheurbis:

Télécharge Lopxp2Test   
Dezippe le et lance lopxpMH3.bat
Une fenêtre va s'ouvrir, clic sur "Agree".
Laisse tourner le programme jusqu'à ce que le bloc note s'ouvre et copie et colle le contenu ici.

a+

vinceric · Answer

voilà le resultat du bloc note

Rapport Lopxp fait le 10/02/2007
-------------------------------------------

Exécuté dans D:\Documents and Settings\Virginie\Bureau\Lopxp2Test\Lopxp2Test

/!\ Attention /!\

Les résultats de ce rapport sont sujets à interprétations,
Et ne démontrent pas systématiquement des dossiers infectés...

**************************************************
## Processus

iexplore.exe pid: 3696 358: D:\DOCUME~1\ALLUSE~1\APPLIC~1\THEANT~1\ONLINE~1.EXE
iexplore.exe pid: 3240 4F0: D:\Documents and Settings\All Users\Application Data\The Anti Dumb About\inside rdr spam

**************************************************
## Recherche prédéterminé dans C:\Program Files

C:\Program Files\BitDownload Présent !

Installé le: 21/01/2007

Recherche des dossiers crées le 21/01/2007 :

******************************************
## Tâches planifiées

Suspect : C:\WINDOWS\Tasks\AB78197F913782AF.job

******************************************
## Répertoires Application Data

******************************************
## Répertoires de Program files

Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est 9C05-C0B9

R‚pertoire de C:\Program Files

10/02/2007 13:55 <REP> .
10/02/2007 13:55 <REP> ..
02/08/2006 09:10 <REP> Adobe
17/03/2006 01:23 <REP> AMD
04/02/2007 12:14 <REP> ANTEMAGS
17/03/2006 01:32 <REP> AOL 9.0
17/03/2006 01:23 <REP> AOL Compagnon
01/12/2006 18:45 <REP> Apple Software Update
02/08/2006 09:00 <REP> ArcSoft
17/03/2006 01:23 <REP> ATI Technologies
14/07/2006 12:24 <REP> AuthenTec
17/03/2006 01:24 <REP> AvRack
04/02/2007 12:14 <REP> BitDownload
31/01/2007 21:59 <REP> Bonjour
17/03/2006 01:23 <REP> ComPlus Applications
17/03/2006 01:23 <REP> CyberLink
16/07/2006 09:35 <REP> directx
11/11/2006 20:42 <REP> Disney Interactive
10/02/2007 09:34 <REP> eMule
02/08/2006 09:08 <REP> EPSON
05/12/2006 17:30 <REP> Fichiers communs
17/03/2006 01:26 <REP> Fingerprint Sensor
14/07/2006 12:30 <REP> Free.fr
17/03/2006 01:23 <REP> GMixon
21/10/2006 22:09 <REP> Google
17/03/2006 01:23 <REP> Goto Software
10/02/2007 13:59 <REP> Hijackthis Version Fran‡aise
16/12/2006 15:49 <REP> IncrediMail
28/11/2006 18:12 <REP> Internet Explorer
01/12/2006 18:47 <REP> iPod
01/12/2006 18:47 <REP> iTunes
16/01/2007 18:04 <REP> Java
04/10/2006 18:00 <REP> Kodak
12/11/2006 19:18 <REP> Lavasoft
17/03/2006 01:23 <REP> Learn2.com
16/07/2006 09:35 <REP> Logitech
17/03/2006 01:26 <REP> Messenger
17/03/2006 01:23 <REP> MIC
17/03/2006 01:23 <REP> microsoft frontpage
17/03/2006 01:23 <REP> microsoft office
17/03/2006 01:23 <REP> Microsoft Visual Studio
17/03/2006 01:27 <REP> Movie Maker
10/02/2007 12:52 <REP> Mozilla Firefox
17/03/2006 01:23 <REP> MSN
17/03/2006 01:23 <REP> MSN Gaming Zone
24/08/2006 08:10 <REP> MSN Messenger
19/11/2006 09:47 <REP> MSXML 4.0
17/03/2006 01:27 <REP> NetMeeting
17/03/2006 01:27 <REP> Online Services
02/08/2006 21:34 <REP> OpiStat
17/12/2006 10:04 <REP> Outlook Express
01/12/2006 18:46 <REP> QuickTime
17/03/2006 01:23 <REP> Real
17/03/2006 01:28 <REP> Realtek AC97
17/03/2006 01:23 <REP> Realtek Sound Manager
24/08/2006 14:23 <REP> ScreenMates
02/08/2006 09:07 <REP> SEIKO EPSON Corp
17/03/2006 01:28 <REP> Services en ligne
17/03/2006 01:28 <REP> ShowTime
17/03/2006 01:23 <REP> Sonic
14/07/2006 13:41 <REP> Trend Micro
17/03/2006 01:23 <REP> Ulead Systems
17/03/2006 01:23 <REP> Viewpoint
17/03/2006 01:23 <REP> Windows Media Components
21/12/2006 07:23 <REP> Windows Media Connect 2
21/12/2006 07:23 <REP> Windows Media Player
17/03/2006 01:29 <REP> Windows NT
17/03/2006 01:23 <REP> xerox
08/10/2006 13:29 <REP> XnView
0 fichier(s) 0 octets
69 R‚p(s) 14ÿ387ÿ122ÿ176 octets libres

**************************************************
## Recherche dans le registre

# Startup :

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Dumb about one heck REG_SZ D:\Documents and Settings\All Users\Application Data\The Anti Dumb About\Online Idol.exe

* HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Save Trust REG_SZ D:\DOCUME~1\Virginie\APPLIC~1\ANTEMAGS\Support Media Manager.exe

# Clé suspecte:

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nounplansafe]

- Label "CiD Help" dans Ajout/Supression de Programmes
- Chemin de désinstallation en invite de commande : D:\DOCUME~1\Virginie\APPLIC~1\ANTEMAGS\Support Media Manager.exe -uninstall

# Clé suspecte:

# Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow

* Mozilla Firefox (1 autorisé 2 interdit)
host popup 1 quiz.france2.fr
host popup 1 www.enviedeplus.com
host popup 1 www.jackpom.com
host popup 1 happyfeet.44.kernix.biz
host popup 1 www.osmoz.fr
host popup 1 www.nrj.fr
host popup 1 www.turbo.fr
host popup 1 www.spectrumsurvey.com
host popup 1 www.rtl.fr
host popup 1 www.kidou.fr
host popup 1 www.selectionjeu.com
host popup 1 www.mapremierefois.com
host popup 1 www.canalsat.fr
host popup 1 fr.france-montagnes.com
host popup 1 www.capricedesdieux.com
host popup 1 turbo.m6.fr
host popup 1 www.weborama.fr
host popup 1 jeurentree.alapage.com
host popup 1 www.nivea.fr
host popup 1 www.kia.fr
host popup 1 www.courir.com
host popup 1 www.vivreplus.com
host popup 1 calendrier-avent.europcar.fr
host popup 1 www2.globalepanel.com
host popup 1 www.cidre-ecusson.com
host popup 1 www.europcar.fr
host popup 1 www.canalj.net
host popup 1 www.loicraison.fr
host popup 1 femmes.msn.fr
host popup 1 www.beautylab.fr
host popup 1 www.image-in-air3d.com
host popup 1 lipton.pourtoutvousdire.com
host popup 1 www.materiel.net
host popup 1 www.etrebien-etrebelle.com
host popup 1 www.natureetdecouvertes.com
host popup 1 www.talentsenherbe.com
host popup 1 secure.fidelite.total.fr
host popup 1 www1.carrefour.fr
host popup 1 www.clubmetro.fr
host popup 1 www.derbyblue.tm.fr
host popup 1 www.routedurhum-whaou.com
host popup 1 www.parents.fr
host popup 1 www.lesensdelafeminite.com
host popup 1 cinema.01net.com
host popup 1 www.marineland.fr
host popup 1 abonnes.sudouest.com
host popup 1 secure.brainjuicer.com
host popup 1 www.eveiletjeux.com
host popup 1 www.tfou.fr
host popup 1 www.lorealparis.fr

* Suite Mozilla / SeaMonkey (1 autorisé 2 interdit)

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

Franchement pour moi c'est vraiment abstrait

merci encore @+

zBr · Answer

Re

Ton problème viens de l'installation de bitdownload, qui installe aussi l'adware lop.com.

Désinstalle "CiD Help" dans Ajout/Supression de Programmes, une fenêtre va s'ouvrir en te demandant de taper les 7 chiffres proposés, fais le et clic sur uninstall.
Ensuite, dans Démarrer > exécuter tape  %temp% et valide.
Supprime tous les fichiers d'extention "exe" s'il y en a.

a++

Utilisateur anonyme · Answer

Re


Oui, il y a une infection Lop.

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les  manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer

1 Télécharge 
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente


2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows. 
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.


3 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx 
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll 
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [Dumb about one heck] D:\Documents and Settings\All Users\Application Data\The Anti Dumb About\Online Idol.exe 
O4 - HKCU\..\Run: [Save Trust] D:\DOCUME~1\Virginie\APPLIC~1\ANTEMAGS\Support Media Manager.exe 
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe 
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll 
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll 
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll 
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) 
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) 
O11 - Options group: [INTERNATIONAL] International* 
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
O18 - Protocol: bw+0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw+0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll 
O18 - Protocol: bwg0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwg0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0s - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: offline-8876480 - {BB59A874-7B61-4F58-B35D-DDA1B967C728} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer


5 Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes :

BitDownload 


6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Program Files\BitDownload 
C:\WINDOWS\Tasks\AB78197F913782AF.job 
D:\Documents and Settings\All Users\Application Data\The Anti Dumb About
D:\Documents and Settings\Virginie\Application Data\ANTEMAGS

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.


7 Lance le nettoyage avec CCleaner


8 Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. 
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.


9 Redémarre normalement

Poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware.

vinceric · Answer

quel mode sans echec faut-il choisir ? car tu dis de choisir le bon?

@+

vinceric · Answer

zbr 

quand je fais  %temp% il y a pleins de fichiers qui s'affichent
dois-je tous les supprimer?

merci

zBr · Answer

Tu peux supprimer tous les fichiers dans ce répertoire, car se ne sont des fichiers temporaires. 
C'est ce que fera entre autre et en plus approfondis aussi le programme CCleaner, préconisé par Chercheurbis.

Pour le mode sans échec, choisis celui en haut de la liste:  "Mode sans echec" tout court.

Juste une question pour satisfaire ma curiosité, tu as édité le rapport de lopxp ?
Car il ne semblait  pas tout à fait complet...
Mais bon, c'est pas bien grave :-)

a+

vinceric · Answer

merci pour ta réponse zbr

pour le rapport chez copier coller , je pense que j'ai tout selectionné mais c'est possible que j'ai oublie des choses.

@+

vinceric · Answer

je ne vous ai pas oublié!!!

je fais tout ce que vous m'avez dit et l'analyse du système a été très longue.

voici le rapport de hijackthis 

Logfile of HijackThis v1.99.1
Scan saved at 18:46:00, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\MIC\HAWAII\Hawaii.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\Powercinema\PCMService.exe
C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\OpiStat\OpiStat\OpiStat.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\WINDOWS\system32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [MM_MODULE] C:\Program Files\MIC\HAWAII\Hawaii.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [OpiStat] C:\Program Files\OpiStat\OpiStat\OpiStat.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

et celui du avg spyware

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	18:39:51 10/02/2007

 + Résultat de l'analyse:	



D:\Documents and Settings\Virginie\Mes documents\Ancien Documents XN\incredimail_install.exe -> Not-A-Virus.Downloader.Win32.ImLoader.b : Nettoyé.
:mozilla.210:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.22:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.23:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.58:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.59:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.96:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.9:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.44:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.45:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.46:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.24:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.142:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.216:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.217:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.218:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.219:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.220:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.162:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.189:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.190:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.191:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.254:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.255:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.273:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.299:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.315:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.260:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.206:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.207:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.208:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.209:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.145:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.146:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.137:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.138:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.139:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.66:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.67:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.74:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.75:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.192:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.193:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.31:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.32:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.33:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.140:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.141:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.225:D:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\afjho7je.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP163\A0017825.exe -> Trojan.Inject.au : Nettoyé.
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP163\A0017826.exe -> Trojan.Inject.au : Nettoyé.
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP163\A0017824.exe -> Trojan.Obfuscated.cj : Nettoyé.
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP163\A0017827.exe -> Trojan.Obfuscated.cj : Nettoyé.


Fin du rapport


merci encore pour ce début que me reste-t-il à faire? et comment faire pour ne pas que cela se reproduisent?

@+

Utilisateur anonyme · Answer

Re

Ces rapports sont propres

Pour que cela ne se reproduise pas, attention aux téléchargements, au surfs,

vinceric · Answer

merci beaucoup de m'avoir aider.

@+

Pub intempestives (comme beaucoup)!!!!

13 réponses

Votre réponse

Discussions similaires

Newsletters