Fenêtres CID bien accrochées...
Résolu/Fermé
Mathfrenchi
Messages postés
13
Date d'inscription
vendredi 9 mars 2007
Statut
Membre
Dernière intervention
17 avril 2011
-
11 mars 2007 à 14:33
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 - 12 mars 2007 à 13:58
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 - 12 mars 2007 à 13:58
A voir également:
- Fenêtres CID bien accrochées...
- Samy vous donne accès au fichier partagé le cid. que pouvez-vous faire avec ce document en ligne ? - Forum Virus
- Tapez cette phrase, en respectant bien les espaces et la ponctuation. - Guide
- Roulement en 12h qui fonctionne bien - Télécharger - Outils professionnels
- Outlook s'est fermé alors que vous avez des fenetres ouvertes - Forum Outlook
- Nos systèmes ont détecté un trafic exceptionnel sur votre réseau informatique. cette page permet de vérifier que c'est bien vous qui envoyez des requêtes, et non un robot ✓ - Forum Virus
11 réponses
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
11 mars 2007 à 16:11
11 mars 2007 à 16:11
Bonjour,
n'utilise pas le bleu, c'est très désagréable. Merci.
Pas de parefeu.
Wareout.
Lop.
1) Télécharge et installe Kerio (gratuit même après les 30 jours d'essai) :
http://kerio.probb.fr/Systemesd-exploitation-c1/Logiciels-et-tutoriels-gratuits-tries-par-categorie-f6/Tutoriel-pour-Kerio-4-version-gratuite-t201.htm
Tu as un lien et un tuto dans le lien ci-dessus.
2) Imprime ces instructions car il va y avoir un redémarrage de l'ordinateur.
* Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt).
3) As tu Cid Help (ou quelque chose d'approchant) dans Ajout/suppression de programmes ?
4) Télécharge lopxp :
http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip
dezippe le (clic droit dessus > extraire tout)
et lance lopxpmh.bat en double-cliquant dessus
quand il à terminé, un rapport s'ouvre , copie et colle le contenu dans ta réponse.
5) Remets un log HijackThis.
@+
n'utilise pas le bleu, c'est très désagréable. Merci.
Pas de parefeu.
Wareout.
Lop.
1) Télécharge et installe Kerio (gratuit même après les 30 jours d'essai) :
http://kerio.probb.fr/Systemesd-exploitation-c1/Logiciels-et-tutoriels-gratuits-tries-par-categorie-f6/Tutoriel-pour-Kerio-4-version-gratuite-t201.htm
Tu as un lien et un tuto dans le lien ci-dessus.
2) Imprime ces instructions car il va y avoir un redémarrage de l'ordinateur.
* Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt).
3) As tu Cid Help (ou quelque chose d'approchant) dans Ajout/suppression de programmes ?
4) Télécharge lopxp :
http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip
dezippe le (clic droit dessus > extraire tout)
et lance lopxpmh.bat en double-cliquant dessus
quand il à terminé, un rapport s'ouvre , copie et colle le contenu dans ta réponse.
5) Remets un log HijackThis.
@+
Mathfrenchi
Messages postés
13
Date d'inscription
vendredi 9 mars 2007
Statut
Membre
Dernière intervention
17 avril 2011
11 mars 2007 à 17:26
11 mars 2007 à 17:26
Re bonjour et merci bcp pour la réponse.
- J'ai donc bien instalé le parefeu...je suis étonné je pensais avoir celui de windows..bref avec celui-ci je devrais être tranquil.
- Pour cid Help: oui il apparait bien dans ma liste ajout-suppression...
- Je mets donc les rapports dans l'odre, mais je ne trouve pas comment changer la couleur...:
Report.txt:
Fichier Lop:
Hijack:
Voilà tout, merci encore pour ton aide...
- J'ai donc bien instalé le parefeu...je suis étonné je pensais avoir celui de windows..bref avec celui-ci je devrais être tranquil.
- Pour cid Help: oui il apparait bien dans ma liste ajout-suppression...
- Je mets donc les rapports dans l'odre, mais je ne trouve pas comment changer la couleur...:
Report.txt:
Fixwareout Last edited 2/11/2007 Post this report in the forums please ... »»»»»Prerun check »»»»» System restarted »»»»» Postrun check HKLM\SOFTWARE\~\Winlogon\ "System"="" .... .... »»»»» Misc files. .... »»»»» Checking for older varients. .... Search five digit cs, dm, kd, jb, other, files. The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection. Click browse, find the file then click submit. http://www.virustotal.com/flash/index_en.html Or https://virusscan.jotti.org/ »»»»» Other »»»»» Current runs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DLBTCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\DLBTtime.dll,_RunDLLEntry@16" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "PinnacleDriverCheck"="C:\\WINDOWS\\system32\\PSDrvCheck.exe -CheckReg" "Ping Find Bind Setup"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Bore face ping find\\defaultfind.exe" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start" "ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup" "IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\"" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "Dell Photo AIO Printer 922"="\"C:\\Program Files\\Dell Photo AIO Printer 922\\dlbtbmgr.exe\"" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" "CTSysVol"="C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe /r" "CTHelper"="CTHELPER.EXE" "CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\"" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe\"" "TrojanScanner"="C:\\Program Files\\Trojan Remover\\Trjscan.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" "Spamihilator"="\"C:\\Program Files\\Spamihilator\\spamihilator.exe\"" "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "Balm lite"="C:\\DOCUME~1\\DUMONT~1.MAT\\APPLIC~1\\INTERN~1\\drv bird roam.exe" .... Hosts file was reset, If you use a custom hosts file please replace it »»»»» End report »»»»»
Fichier Lop:
Rapport fait à 17:06:26,07 le 11/03/2007 ****************************************** ## Répertoires Application Data Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Administrateur\Application Data 11/03/2007 12:45 <REP> . 11/03/2007 12:45 <REP> .. 11/03/2007 12:45 <REP> Microsoft 11/03/2007 12:45 62 desktop.ini 1 fichier(s) 62 octets 3 R‚p(s) 50ÿ116ÿ317ÿ184 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data 11/03/2007 12:45 <REP> . 11/03/2007 12:45 <REP> .. 11/03/2007 12:45 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ313ÿ088 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\All Users\Application Data 03/12/2005 12:48 <REP> . 03/12/2005 12:48 <REP> .. 03/12/2005 19:54 <REP> Adobe 04/12/2005 18:12 <REP> Apple Computer 03/12/2005 19:34 <REP> Messenger Plus! 03/12/2005 12:48 <REP> Microsoft 03/12/2005 19:40 <REP> Pinnacle 03/12/2005 19:53 <REP> QuickTime 04/12/2005 01:29 <REP> SmartSound Software Inc 07/01/2006 01:22 <REP> Spybot - Search & Destroy 03/12/2005 12:24 <REP> Windows Genuine Advantage 03/12/2005 12:48 62 desktop.ini 31/12/2005 15:30 1ÿ768 QTSBandwidthCache 2 fichier(s) 1ÿ830 octets 11 R‚p(s) 50ÿ116ÿ313ÿ088 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\All Users.WINDOWS\Application Data 07/01/2006 16:57 <REP> . 07/01/2006 16:57 <REP> .. 26/06/2006 06:59 <REP> Adobe 07/01/2006 18:39 <REP> Apple Computer 25/01/2007 23:30 <REP> Bore face ping find 27/01/2007 10:16 <REP> Google 27/01/2007 10:16 <REP> Google Updater 07/01/2006 18:06 <REP> InstallShield 07/01/2006 16:57 <REP> Microsoft 18/05/2006 22:40 <REP> Microsoft Help 10/03/2007 12:52 <REP> Office Genuine Advantage 30/01/2006 17:41 <REP> Pinnacle 05/05/2006 00:24 <REP> Skype 30/01/2006 18:00 <REP> SmartSound Software Inc 12/12/2006 23:37 <REP> Sony Ericsson 07/01/2006 17:08 <REP> Spybot - Search & Destroy 12/12/2006 23:37 <REP> Teleca 11/03/2007 14:48 <REP> TEMP 30/09/2006 15:55 <REP> TuneUp Software 07/01/2006 16:51 <REP> Windows Genuine Advantage 07/01/2006 16:58 62 desktop.ini 07/01/2006 18:58 1ÿ377 QTSBandwidthCache 2 fichier(s) 1ÿ439 octets 20 R‚p(s) 50ÿ116ÿ313ÿ088 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Default User\Application Data 03/12/2005 12:48 <REP> . 03/12/2005 12:48 <REP> .. 03/12/2005 12:48 <REP> Microsoft 03/12/2005 12:48 62 desktop.ini 1 fichier(s) 62 octets 3 R‚p(s) 50ÿ116ÿ313ÿ088 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data 03/12/2005 12:48 <REP> . 03/12/2005 12:48 <REP> .. 03/12/2005 11:55 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ308ÿ992 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Default User.WINDOWS\Application Data 07/01/2006 16:57 <REP> . 07/01/2006 16:57 <REP> .. 07/01/2006 16:57 <REP> Microsoft 07/01/2006 16:58 62 desktop.ini 1 fichier(s) 62 octets 3 R‚p(s) 50ÿ116ÿ308ÿ992 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\Default User.WINDOWS\Local Settings\Application Data 07/01/2006 16:58 <REP> . 07/01/2006 16:58 <REP> .. 07/01/2006 16:07 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ308ÿ992 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\DUMONT.MATHIEU\Application Data 07/01/2006 16:11 <REP> . 07/01/2006 16:11 <REP> .. 01/02/2006 11:49 <REP> Adobe 01/02/2006 11:49 <REP> AdobeUM 07/01/2006 18:58 <REP> Apple Computer 25/01/2007 23:29 <REP> BitDownload 05/01/2007 23:23 <REP> BSplayer 30/12/2006 16:51 <REP> COWON 07/01/2006 16:32 <REP> Creative 30/01/2006 15:02 <REP> CyberLink 31/12/2006 18:04 <REP> DivX 04/03/2007 20:01 <REP> DMCache 23/03/2006 14:40 <REP> drms 01/07/2006 12:01 <REP> dvdcss 21/04/2006 21:58 <REP> FotoWire 04/03/2007 20:59 <REP> Free Download Manager 27/01/2007 10:16 <REP> Google 08/04/2006 17:05 <REP> Help 07/01/2006 16:11 <REP> Identities 07/02/2007 18:22 <REP> InstallShield 25/01/2007 23:29 <REP> internet defy 29/12/2006 16:49 <REP> iPodder 08/04/2006 17:08 <REP> Jasc Software Inc 27/01/2007 12:17 <REP> Lavasoft 10/09/2006 11:25 <REP> Leadertech 03/03/2006 13:13 <REP> Lionhead Studios 07/01/2006 16:59 <REP> Macromedia 10/01/2007 08:31 <REP> Media Player Classic 07/01/2006 16:11 <REP> Microsoft 28/04/2006 19:19 <REP> Microsoft Web Folders 14/05/2006 09:21 <REP> Mozilla 17/06/2006 01:48 <REP> NetMedia Providers 26/02/2006 12:39 <REP> Player Wanadoo 17/06/2006 01:48 <REP> Publish Providers 22/01/2007 22:01 <REP> SecondLife 07/02/2007 18:33 <REP> SecuROM 11/03/2007 14:47 <REP> Simply Super Software 05/05/2006 00:24 <REP> Skype 10/09/2006 11:26 <REP> Sonic 17/06/2006 01:48 <REP> Sonic Foundry 23/06/2006 13:36 <REP> Sowedoo Software 17/12/2006 18:56 <REP> SpamPal 31/12/2006 02:35 <REP> STOIK 24/01/2006 17:29 <REP> Sun 21/02/2006 20:15 <REP> teamspeak2 12/12/2006 23:38 <REP> Teleca 30/09/2006 15:55 <REP> TuneUp Software 27/01/2006 17:37 <REP> Ventrilo 01/07/2006 12:02 <REP> vlc 07/01/2006 16:11 62 desktop.ini 08/06/2006 15:49 80ÿ056 GDIPFONTCACHEV1.DAT 02/06/2006 19:14 3ÿ686ÿ454 ZBWallpaper.bmp 3 fichier(s) 3ÿ766ÿ572 octets 49 R‚p(s) 50ÿ116ÿ308ÿ992 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\DUMONT.MATHIEU\Local Settings\Application Data 07/01/2006 16:11 <REP> . 07/01/2006 16:11 <REP> .. 14/01/2006 20:38 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150050} 01/02/2006 11:49 <REP> Adobe 07/01/2006 18:58 <REP> Apple Computer 26/02/2006 12:38 <REP> ApplicationHistory 09/01/2007 08:08 <REP> Ares 24/10/2006 23:09 <REP> EASportsOnline1 06/05/2006 14:53 <REP> Freelancer 27/01/2007 10:16 <REP> Google 08/04/2006 17:05 <REP> Help 07/01/2006 16:54 <REP> Identities 19/10/2006 20:15 <REP> Logiciel Photo Orange 21/04/2006 22:05 <REP> Logitech-LS 07/01/2006 16:11 <REP> Microsoft 18/05/2006 22:41 <REP> Microsoft Help 14/05/2006 09:21 <REP> Mozilla 09/09/2006 10:36 <REP> Oblivion 22/02/2006 19:25 <REP> OD2 10/03/2007 12:58 <REP> PCHealth 30/01/2006 15:02 <REP> PowerDVD 28/04/2006 18:17 <REP> WMTools Downloaded Files 10/03/2007 01:59 <REP> Yahoo 30/01/2006 12:30 150ÿ016 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 26/02/2006 12:38 137 fusioncache.dat 07/01/2006 17:29 87ÿ152 GDIPFONTCACHEV1.DAT 07/01/2006 16:26 2ÿ113ÿ858 IconCache.db 4 fichier(s) 2ÿ351ÿ163 octets 23 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\LocalService\Application Data 03/12/2005 12:02 <REP> . 03/12/2005 12:02 <REP> .. 03/12/2005 12:02 <REP> Microsoft 06/01/2006 18:10 <REP> NetMon 0 fichier(s) 0 octets 4 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data 03/12/2005 12:02 <REP> . 03/12/2005 12:02 <REP> .. 03/12/2005 12:02 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\LocalService.AUTORITE NT\Application Data 07/01/2006 16:10 <REP> . 07/01/2006 16:10 <REP> .. 07/01/2006 16:10 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data 07/01/2006 16:10 <REP> . 07/01/2006 16:10 <REP> .. 07/01/2006 16:10 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\NetworkService\Application Data 03/12/2005 11:57 <REP> . 03/12/2005 11:57 <REP> .. 03/12/2005 11:57 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data 03/12/2005 11:57 <REP> . 03/12/2005 11:57 <REP> .. 03/12/2005 11:57 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ304ÿ896 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data 07/01/2006 16:10 <REP> . 07/01/2006 16:10 <REP> .. 07/01/2006 16:10 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ300ÿ800 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data 07/01/2006 16:10 <REP> . 07/01/2006 16:10 <REP> .. 07/01/2006 16:10 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ300ÿ800 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data 03/12/2005 11:57 <REP> . 03/12/2005 11:57 <REP> .. 03/12/2005 11:57 <REP> Microsoft 07/01/2006 16:09 62 desktop.ini 1 fichier(s) 62 octets 3 R‚p(s) 50ÿ116ÿ300ÿ800 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data 03/12/2005 11:57 <REP> . 03/12/2005 11:57 <REP> .. 03/12/2005 11:57 <REP> Microsoft 0 fichier(s) 0 octets 3 R‚p(s) 50ÿ116ÿ300ÿ800 octets libres ****************************************** Recherche des taches planifiées dans C:\WINDOWS\tasks Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\WINDOWS\Tasks 27/02/2007 07:23 278 A827B05691842736.job 27/11/2006 19:30 284 AppleSoftwareUpdate.job 30/09/2006 15:55 410 Maintenance en 1 clic.job 07/01/2006 16:10 6 SA.DAT 07/01/2006 16:04 65 desktop.ini 03/12/2005 11:53 <REP> .. 03/12/2005 11:53 <REP> . 5 fichier(s) 1ÿ043 octets 2 R‚p(s) 50ÿ116ÿ300ÿ800 octets libres ****************************************** ## Répertoires de C:\Program Files Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 3885-AD85 R‚pertoire de C:\Program Files 11/03/2007 16:47 <REP> . 11/03/2007 16:47 <REP> .. 11/03/2007 14:14 <REP> ABBYY FineReader 5.0 Sprint 12/12/2006 23:41 <REP> Adobe 07/01/2006 01:27 <REP> Alwil Software 19/05/2006 14:44 <REP> Apache Group 28/01/2007 17:09 <REP> Apple Software Update 30/12/2005 08:20 <REP> Astase 23/08/2006 06:40 <REP> AWS 09/09/2006 10:36 <REP> Bethesda Softworks 25/01/2007 23:52 <REP> BitDownload 03/12/2005 12:13 <REP> Broadcom 17/06/2006 01:35 <REP> Buzz 02/06/2006 18:52 <REP> Canon 29/07/2006 12:10 <REP> Captel 27/01/2007 11:52 <REP> CCleaner 11/01/2007 19:16 <REP> Combined Community Codec Pack 03/12/2005 11:53 <REP> ComPlus Applications 30/12/2006 17:00 <REP> Converio 2.0 03/12/2005 15:13 <REP> Creative 17/12/2005 11:53 <REP> Croteam 07/01/2006 18:01 <REP> CyberLink 07/02/2007 18:21 <REP> DAEMON Tools 03/12/2005 12:10 <REP> Dell 03/12/2005 16:34 <REP> Dell Computer 03/12/2005 16:32 <REP> Dell Photo AIO Printer 922 03/12/2005 19:35 <REP> directx 12/12/2006 23:36 <REP> Disc2Phone 30/12/2006 18:21 <REP> DivX 20/05/2006 12:13 <REP> DivXCodec 11/03/2007 16:46 <REP> Dl_cats 02/03/2006 16:56 <REP> DVD Audio Extractor 30/01/2006 18:37 <REP> DVD Decrypter 30/01/2006 18:44 <REP> DVDx 01/01/2007 23:35 <REP> EA GAMES 30/12/2006 17:01 <REP> EA SPORTS 26/06/2006 18:00 <REP> EasyGuppY 20/08/2006 18:51 <REP> EasyPHP1-8 03/03/2007 23:51 <REP> eMule 03/03/2007 11:05 <REP> ewido anti-spyware 4.0 15/08/2006 17:59 <REP> FeedReader30 04/02/2007 01:00 <REP> Fichiers communs 04/12/2005 19:17 <REP> FileZilla 04/03/2007 20:52 <REP> Free Download Manager 11/03/2007 14:14 <REP> Google 11/01/2007 16:15 <REP> Haali 03/12/2005 12:30 <REP> HighMAT CD Writing Wizard 11/03/2007 14:29 <REP> Hijackthis Version Fran‡aise 27/04/2006 21:34 <REP> HLSW 04/12/2005 18:04 <REP> Illustrate 03/12/2005 12:11 <REP> Intel 27/02/2007 07:23 <REP> internet defy 22/02/2007 22:47 <REP> Internet Explorer 27/11/2006 19:32 <REP> iPod 29/07/2006 11:58 <REP> i-ScanCam DX 27/11/2006 19:32 <REP> iTunes 03/12/2005 16:34 <REP> Jasc Software Inc 02/11/2006 10:12 <REP> Java 07/10/2006 11:18 <REP> Jeskola Buzz 31/12/2006 15:20 <REP> JetAudio 29/12/2006 16:48 <REP> Juice 07/10/2006 11:18 <REP> JVTorrent 11/03/2007 16:47 <REP> Kerio 07/10/2006 11:18 <REP> K-Lite Codec Pack 31/12/2006 01:25 <REP> KONAMI 03/12/2005 19:34 <REP> Labtec 27/01/2007 12:17 <REP> Lavasoft 07/10/2006 11:18 <REP> Lecteur CANALPLAY 21/04/2006 21:58 <REP> Logitech 23/08/2006 06:41 <REP> Maxthon 07/10/2006 11:18 <REP> Messenger 01/01/2006 15:56 <REP> MessengerPlus! 3 03/12/2005 11:55 <REP> microsoft frontpage 04/02/2007 02:38 <REP> Microsoft Money 2005 10/03/2007 11:37 <REP> Microsoft Office 18/05/2006 22:46 <REP> Microsoft SQL Server 10/03/2007 11:37 <REP> Microsoft Visual Studio 10/03/2007 11:32 <REP> Microsoft Visual Studio 8 10/03/2007 11:38 <REP> Microsoft Works 18/05/2006 22:40 <REP> Microsoft.NET 13/05/2006 13:11 <REP> Monte Cristo 03/12/2005 11:53 <REP> Movie Maker 19/05/2006 15:22 <REP> Mozilla Firefox 10/03/2007 11:38 <REP> MSBuild 19/12/2005 17:18 <REP> MSN 03/12/2005 11:52 <REP> MSN Gaming Zone 14/12/2006 23:03 <REP> MSN Messenger 16/11/2006 18:17 <REP> MSXML 4.0 03/12/2005 15:29 <REP> Nero 16/12/2005 16:56 <REP> Netlor Studio 03/12/2005 11:54 <REP> NetMeeting 20/05/2006 12:14 <REP> NimoCodec Pack 03/12/2005 11:53 <REP> Online Services 16/12/2006 11:43 <REP> Outlook Express 03/03/2006 08:44 <REP> PANZERS - Phase II - Demo (Tunis) 03/12/2005 19:42 <REP> Pinnacle 28/01/2007 17:09 <REP> QuickTime 03/12/2005 19:35 <REP> Real 30/01/2006 18:24 <REP> RM-X CopyDVD 30/01/2006 18:31 <REP> RM-X Player V4 25/03/2006 13:43 <REP> Rockstar Games 24/04/2006 18:14 <REP> SAGEM 21/01/2006 18:26 <REP> SAGEM Wi-Fi USB 802.11g 11/01/2007 19:19 <REP> Satsuki Decoder Pack 22/01/2007 22:01 <REP> SecondLife 03/12/2005 11:54 <REP> Services en ligne 05/05/2006 00:24 <REP> Skype 18/05/2006 23:50 <REP> Smart Data Recovery 04/12/2005 01:29 <REP> SmartSound Software 27/03/2006 16:45 <REP> Sonic 17/06/2006 01:47 <REP> Sonic Foundry Setup 15/04/2006 10:22 <REP> Sony 12/12/2006 23:37 <REP> Sony Ericsson 11/03/2007 16:03 <REP> Spamihilator 27/01/2007 10:38 <REP> Spybot - Search & Destroy 15/08/2006 19:10 <REP> SpyWebcam 22/01/2007 22:33 <REP> Steam 19/02/2006 11:39 <REP> Strategic Command Gold 11/12/2005 16:54 <REP> Tacmi 21/02/2006 20:15 <REP> Teamspeak2_RC2 20/05/2006 12:13 <REP> The Playa 23/02/2007 08:49 <REP> THQ 15/08/2006 19:07 <REP> ToniArts 27/01/2007 11:21 <REP> Trend Micro 11/03/2007 17:04 <REP> Trojan Remover 30/09/2006 15:55 <REP> TuneUp Utilities 2006 07/02/2007 18:22 <REP> Ubisoft 10/03/2007 19:18 2ÿ241 uninstal.log 03/12/2005 15:20 <REP> VDCodecPack1.7 27/01/2006 17:36 <REP> Ventrilo 16/12/2005 17:28 <REP> Video Manager 01/07/2006 12:00 <REP> VideoLAN 24/12/2006 18:15 <REP> VirginMega 21/03/2006 08:23 <REP> Virtools Web Player 3.0 30/01/2006 17:40 <REP> VSO 28/12/2006 12:03 <REP> Wanadoo 21/04/2006 23:29 <REP> Webcamfirst 05/01/2007 23:23 <REP> Webteh 03/09/2006 19:20 <REP> Windows Journal Viewer 24/08/2006 18:37 <REP> Windows Live Safety Center 09/12/2006 12:10 <REP> Windows Media Connect 2 24/12/2006 18:44 <REP> Windows Media Player 03/12/2005 11:52 <REP> Windows NT 30/09/2006 16:03 <REP> WinRAR 30/09/2006 14:22 <REP> XBOX to USB 03/12/2005 11:55 <REP> xerox 30/12/2006 15:06 <REP> xp-AntiSpy 20/05/2006 12:13 <REP> XviD 10/03/2007 01:59 <REP> Yahoo! 1 fichier(s) 2ÿ241 octets 148 R‚p(s) 50ÿ116ÿ284ÿ416 octets libres ****************************************** ## Popups autorisées * Internet Explorer ! REG.EXE VERSION 3.0 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow netbios-wait.com REG_SZ www.netbios-wait.com REG_SZ netsearchsoft.com REG_SZ www.netsearchsoft.com REG_SZ * Mozilla Firefox (1 autorisé 2 interdit) ****************************************** ## Registre * [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Sony Ericsson PC Suite REG_SZ "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions Ping Find Bind Setup REG_SZ C:\Documents and Settings\All Users.WINDOWS\Application Data\Bore face ping find\defaultfind.exe * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Balm lite REG_SZ C:\DOCUME~1\DUMONT~1.MAT\APPLIC~1\INTERN~1\drv bird roam.exe ****************************************** ## Zones de sécurité * HKCU Domains (4) * P3P History (5) ****************************************** ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif" *************** Fin du rapport ****************
Hijack:
Logfile of HijackThis v1.99.1 Scan saved at 17:08:03, on 11/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Wanadoo\Player Wanadoo\Player Wanadoo.exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Maxthon\Maxthon.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [Ping Find Bind Setup] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bore face ping find\defaultfind.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Balm lite] C:\DOCUME~1\DUMONT~1.MAT\APPLIC~1\INTERN~1\drv bird roam.exe O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: Player Wanadoo.lnk = C:\Program Files\Wanadoo\Player Wanadoo\Player Wanadoo.exe O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/activex/AxisCamControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1B2293AC-413E-4483-95B9-18683102DAEB}: NameServer = 85.255.116.101,85.255.112.153 O17 - HKLM\System\CCS\Services\Tcpip\..\{59E9F3E6-A802-490E-8AB4-D9553A41DB25}: NameServer = 85.255.116.101,85.255.112.153 O17 - HKLM\System\CCS\Services\Tcpip\..\{8EF01301-45A6-461F-B883-148C4C3C112E}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE5C41B-FE0D-438E-A4CF-26DD54916413}: NameServer = 85.255.116.101,85.255.112.153 O17 - HKLM\System\CCS\Services\Tcpip\..\{EF12F5D5-FA23-4A58-8DCF-31122A3E2D36}: NameServer = 85.255.116.101,85.255.112.153 O18 - Protocol: bw+0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Voilà tout, merci encore pour ton aide...
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
11 mars 2007 à 17:43
11 mars 2007 à 17:43
Bonjour,
1) vérifie que le parefeu Windows est désactivé (panneau de configuration, parefeu Windows).
2) désinstalle Cid help via le panneau de configuration, Ajout/suppression de programmes.
3) relances HijackThis, choisis do a scan only.
Coche la case devant les lignes suivantes :
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B2293AC-413E-4483-95B9-18683102DAEB}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E9F3E6-A802-490E-8AB4-D9553A41DB25}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE5C41B-FE0D-438E-A4CF-26DD54916413}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF12F5D5-FA23-4A58-8DCF-31122A3E2D36}: NameServer = 85.255.116.101,85.255.112.153
O18 - Protocol: bw+0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
(attention, il n'y a pas toutes les 017 ni toutes les 018)
ferme toutes les fenêtres actives et clique sur fix checked.
Fermes Hijackthis.
4) remets un log Hijackthis.
@+
1) vérifie que le parefeu Windows est désactivé (panneau de configuration, parefeu Windows).
2) désinstalle Cid help via le panneau de configuration, Ajout/suppression de programmes.
3) relances HijackThis, choisis do a scan only.
Coche la case devant les lignes suivantes :
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B2293AC-413E-4483-95B9-18683102DAEB}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E9F3E6-A802-490E-8AB4-D9553A41DB25}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE5C41B-FE0D-438E-A4CF-26DD54916413}: NameServer = 85.255.116.101,85.255.112.153
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF12F5D5-FA23-4A58-8DCF-31122A3E2D36}: NameServer = 85.255.116.101,85.255.112.153
O18 - Protocol: bw+0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
(attention, il n'y a pas toutes les 017 ni toutes les 018)
ferme toutes les fenêtres actives et clique sur fix checked.
Fermes Hijackthis.
4) remets un log Hijackthis.
@+
Mathfrenchi
Messages postés
13
Date d'inscription
vendredi 9 mars 2007
Statut
Membre
Dernière intervention
17 avril 2011
11 mars 2007 à 18:08
11 mars 2007 à 18:08
Voilà, par contre je trouve tjrs pas comment mettre le code en noir...
Mais le voici après la manip de fix:
Mais le voici après la manip de fix:
Logfile of HijackThis v1.99.1 Scan saved at 18:05:46, on 11/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: Player Wanadoo.lnk = C:\Program Files\Wanadoo\Player Wanadoo\Player Wanadoo.exe O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/activex/AxisCamControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8EF01301-45A6-461F-B883-148C4C3C112E}: NameServer = 192.168.1.1 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exeMerci encore...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
11 mars 2007 à 18:23
11 mars 2007 à 18:23
Re,
Lis bien et exécute cette manip dans l’ordre.
#Télécharge et installe ces logiciels (si tu ne les as pas) pour les 3 premiers
mets les à jour, comme indiqué dans les démos ou tutos.
Ne les utilises pas tout de suite.
Antispywares et autres :
*Ad-Aware (gratuit)
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
Tuto :
http://perso.orange.fr/entraide-hijackthis/AdAware/AdAware.htm
*Spybot (gratuit) :
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
voir demo d utilisation (merci Balltrap)
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
* AVG AS
AVG anti spyware
https://www.01net.com/telecharger/
Met le a jour avant de lancer le scan.
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
Nettoyeurs (de fichiers inutiles) et autres :
*Ccleaner (gratuit)
Téléchargement :
https://www.01net.com/
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
========================================
->Affiches tous les fichiers et dossiers :
cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage
[Coche] « afficher les dossiers et fichiers cachés »
[Décoches] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »
[Décoches] « masquer les extensions dont le type est connu »
Puis fais [appliquer] pour valider les changements.
Et [Ok]
=======================================
->Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec
puis tape « entrée ».
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
->Lance CCleaner.
Suppression des fichiers temporaires
Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche
Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé)
• Clique sur [Analyse]
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur [Lancer le Nettoyage]
========================================
->Lance AVG pour un scan complet "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau et [copie/colle le rapport en forum]
========================================
->Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
========================================
->Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
========================================
->Relance CCleaner.
Suppression des incohérences du registre
• Clique sur l'icône [Erreurs] situés dans la marge à gauche
• Puis clique sur [Analyser les erreurs]
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur [Corriger les erreurs].
Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement.
========================================
->Vide ta Corbeille.
========================================
->Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.
Et dis moi ou en sont tes probs s’il t’en reste.
@+
Lis bien et exécute cette manip dans l’ordre.
#Télécharge et installe ces logiciels (si tu ne les as pas) pour les 3 premiers
mets les à jour, comme indiqué dans les démos ou tutos.
Ne les utilises pas tout de suite.
Antispywares et autres :
*Ad-Aware (gratuit)
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
Tuto :
http://perso.orange.fr/entraide-hijackthis/AdAware/AdAware.htm
*Spybot (gratuit) :
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
voir demo d utilisation (merci Balltrap)
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
* AVG AS
AVG anti spyware
https://www.01net.com/telecharger/
Met le a jour avant de lancer le scan.
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
Nettoyeurs (de fichiers inutiles) et autres :
*Ccleaner (gratuit)
Téléchargement :
https://www.01net.com/
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
========================================
->Affiches tous les fichiers et dossiers :
cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage
[Coche] « afficher les dossiers et fichiers cachés »
[Décoches] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »
[Décoches] « masquer les extensions dont le type est connu »
Puis fais [appliquer] pour valider les changements.
Et [Ok]
=======================================
->Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec
puis tape « entrée ».
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
->Lance CCleaner.
Suppression des fichiers temporaires
Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche
Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé)
• Clique sur [Analyse]
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur [Lancer le Nettoyage]
========================================
->Lance AVG pour un scan complet "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau et [copie/colle le rapport en forum]
========================================
->Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
========================================
->Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
========================================
->Relance CCleaner.
Suppression des incohérences du registre
• Clique sur l'icône [Erreurs] situés dans la marge à gauche
• Puis clique sur [Analyser les erreurs]
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur [Corriger les erreurs].
Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement.
========================================
->Vide ta Corbeille.
========================================
->Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.
Et dis moi ou en sont tes probs s’il t’en reste.
@+
Mathfrenchi
Messages postés
13
Date d'inscription
vendredi 9 mars 2007
Statut
Membre
Dernière intervention
17 avril 2011
12 mars 2007 à 00:12
12 mars 2007 à 00:12
Et bien merci bcp ...à priori plus de soucis avec les fenetres CID...
Je poste quand même le dernier rapport hijack:
Encore une fois merci bcp à toi pour cet accompagnement...
Je poste quand même le dernier rapport hijack:
Logfile of HijackThis v1.99.1 Scan saved at 00:08:12, on 12/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Wanadoo\Player Wanadoo\Player Wanadoo.exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Maxthon\Maxthon.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: Player Wanadoo.lnk = C:\Program Files\Wanadoo\Player Wanadoo\Player Wanadoo.exe O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/activex/AxisCamControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8EF01301-45A6-461F-B883-148C4C3C112E}: NameServer = 192.168.1.1 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {8E9887A1-8C95-458D-91C7-46689A828F0F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Encore une fois merci bcp à toi pour cet accompagnement...
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
12 mars 2007 à 07:35
12 mars 2007 à 07:35
Bonjour,
le log est clean.
On peut nettoyer quelques active X (si tu réutilises le service, il faudra que tu acceptes à nouveau l'active X).
On gardera le backup quelque temps pour restaurer si nécessaire.
Tu relances Hijackthis, tu choisis do a scan only.
Tu coches la case devant les lignes :
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/activex/AxisCamControl.cab
Tu fermes toutes les autres fenêtres actives et tu cliques sur fix checked.
Tu refermes HijackThis.
Tu reviens dans 2 ou 3 jours confirmer que tout est OK.
Je te dirai ce que tu peux supprimer de l'ordi à ce moment là.
@+
le log est clean.
On peut nettoyer quelques active X (si tu réutilises le service, il faudra que tu acceptes à nouveau l'active X).
On gardera le backup quelque temps pour restaurer si nécessaire.
Tu relances Hijackthis, tu choisis do a scan only.
Tu coches la case devant les lignes :
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/activex/AxisCamControl.cab
Tu fermes toutes les autres fenêtres actives et tu cliques sur fix checked.
Tu refermes HijackThis.
Tu reviens dans 2 ou 3 jours confirmer que tout est OK.
Je te dirai ce que tu peux supprimer de l'ordi à ce moment là.
@+
Mathfrenchi
Messages postés
13
Date d'inscription
vendredi 9 mars 2007
Statut
Membre
Dernière intervention
17 avril 2011
12 mars 2007 à 07:58
12 mars 2007 à 07:58
Ok merci bcp je viens de fixer les lignes indiquées...Par contre je suis en déplacement pour le reste de la semaine...alors je te confirmerais ca ce week end ; et si tu peux me guider pour effectivement continuer à néttoyer le reste..ca sera avec grand plaisir...
En tout cas merci encore pour le coup de main...
En tout cas merci encore pour le coup de main...
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
12 mars 2007 à 11:16
12 mars 2007 à 11:16
Bonjour,
de rien.
Bon voyage et à samedi ou dimanche.
@+
de rien.
Bon voyage et à samedi ou dimanche.
@+
j'ai exactement le même problème: j'ai télécharger hijackthis..
est-ce que vous pourriez m'aider svp?
Logfile of HijackThis v1.99.1
Scan saved at 13:28:06, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\microsoft office\Office\OSA.EXE
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Bike Stupid Scr Burn] C:\Documents and Settings\All Users\Application Data\Clockhidebikestupid\Delete cdrom.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Noun Roam] C:\DOCUME~1\Jess\APPLIC~1\ABOUTB~1\Copysetupbike.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\microsoft office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\microsoft office\Office\FINDFAST.EXE
O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46C2E9CD-17D7-4EDB-915F-CD80203EBBAD}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{46C2E9CD-17D7-4EDB-915F-CD80203EBBAD}: NameServer = 84.103.237.146 86.64.145.146
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
est-ce que vous pourriez m'aider svp?
Logfile of HijackThis v1.99.1
Scan saved at 13:28:06, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\microsoft office\Office\OSA.EXE
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB002" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Bike Stupid Scr Burn] C:\Documents and Settings\All Users\Application Data\Clockhidebikestupid\Delete cdrom.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Noun Roam] C:\DOCUME~1\Jess\APPLIC~1\ABOUTB~1\Copysetupbike.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\microsoft office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\microsoft office\Office\FINDFAST.EXE
O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46C2E9CD-17D7-4EDB-915F-CD80203EBBAD}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{46C2E9CD-17D7-4EDB-915F-CD80203EBBAD}: NameServer = 84.103.237.146 86.64.145.146
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
12 mars 2007 à 13:33
12 mars 2007 à 13:33
Bonjour,
Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
Bonne suite.
Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace
Procèdes comme ceci :
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
Bonne suite.
jessica09
Messages postés
13
Date d'inscription
lundi 12 mars 2007
Statut
Membre
Dernière intervention
18 mars 2007
12 mars 2007 à 13:43
12 mars 2007 à 13:43
ok, c'est bon je viens de faire un nouveau sujet..
merci..
merci..
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
12 mars 2007 à 13:58
12 mars 2007 à 13:58
Re,
vu, répondu.
vu, répondu.