Fenêtres intempestives

Fermé
Signaler
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009
-
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
-
Bonjour,

Depuis peu, je suis envahi par de nombreuses fenêtres intempestives lorsque je surf sur le net (drive cleaner, dial messenger, spyware secure, casino ect..) J'ai en parcourant le forum tenter diverses formules de nettoyages (adaware, spybot, avg, cc cleaner) ..rien n'empêche ces fenetres de réapparaitre.

Pouvez vous me donner unesolution à ce problème...Déjà merci

Configuration :
Windows XP
anti virus : f-secure

5 réponses

Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206
bonsoir tout le monde

 (drive cleaner, dial messenger, spyware secure, casino ect..)


il faut télécharger comme demandé plus haut F SECURE BLACKLIGHT dans un premier temps afin de virer l'infection
1
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206
bonjour,

* Télécharge Blacklight
https://europe.f-secure.com/exclude/blacklight/index.shtml
(de F-Secure)
(le premier de la page)

Enregistre le sur ton Bureau.
Double-clique blbeta.exe
Clique sur "I ACCEPT" .
clique Scan puis Next<*gras>

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé <gras>fsbl.xxxxxxx.log
(les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport,
car des fichiers légitimes peuvent être présents, tel wbemtest.exe
0
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009
1
voici le rapport (merci pour ton aide aide )

03/28/07 20:19:40 [Info]: BlackLight Engine 1.0.55 initialized
03/28/07 20:19:40 [Info]: OS: 5.1 build 2600 (Service Pack 2)
03/28/07 20:19:40 [Note]: 7019 4
03/28/07 20:19:40 [Note]: 7005 0
03/28/07 20:19:42 [Note]: 7006 0
03/28/07 20:19:42 [Note]: 7011 520
03/28/07 20:19:42 [Note]: 7026 0
03/28/07 20:19:42 [Note]: 7026 0
03/28/07 20:19:42 [Note]: 7024 3
03/28/07 20:19:42 [Info]: Hidden process: C:\windows\system32\rubwqnlhxe.exe
03/28/07 20:19:47 [Note]: FSRAW library version 1.7.1021
03/28/07 20:26:48 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\rubwqnlhxe.dat
03/28/07 20:26:48 [Note]: 10002 1
03/28/07 20:26:48 [Info]: Hidden file: C:\windows\system32\rubwqnlhxe.exe
03/28/07 20:26:48 [Note]: 10002 1
03/28/07 20:26:49 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\rubwqnlhxe_nav.dat
03/28/07 20:26:49 [Note]: 10002 1
03/28/07 20:26:50 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\rubwqnlhxe_navps.dat
03/28/07 20:26:50 [Note]: 10002 1
03/28/07 20:30:58 [Note]: 7007 0
0
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206 >
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009

bonsoir,

désolée, mais j'avais pas vu ton post parmis tous les autres
on continue

ces manips sont à faire dans l'ordre stp, imprime car il te faudra les faire en mode sans échec

* Télécharge CCleaner

http://www.filehippo.com/download_ccleaner.html

("Download Latest Version", sur la droite).

Ce logiciel va permettre de supprimer tous les fichiers temporaires. Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

aide en image pour la suite (ne pas tenir compte des noms, c'est juste à titre indicatif)
ICI
https://forum.pcastuces.com/default.asp

à la lettre N ) Installer Brute Force Uninstaller

* télécharge Brute Force Uninstaller

http://www.merijn.org/files/bfu.zip


* FAIS UN CLIC-DROIT sur le lien ci dessous

http://metallica.geekstogo.com/EGDACCESS.bfu

et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..")

afin de télécharger EGDACCESS.bfu, Type "Tous les fichiers".

Sauvegarde dans le dossier créé (c:\BFU)


* FAIS UN CLIC-DROIT sur le lien ci dessous

http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu

et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..")

afin de télécharger Winsoftware.bfu, Type "Tous les fichiers".

Sauvegarde dans le dossier créé (c:\BFU)


* télécharge Navipromo.zip (par lazzzy)

http://perso.numericable.fr/~altshift/Info/Fichiers/Navipromo07H.zip
et décompresse-le sur ton bureau

* Copie la suite des instructions dans un fichier texte, sur ton bureau. et redémarre en mode sans échec comme indiqué ici

https://forum.pcastuces.com/default.asp#haut

à la lettre C

Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou autre.


* lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau.
* Sélectionne l'option "Recherche et suppression automatique". Patiente.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert

* Relance l'outil, Sélectionne l'option "Suppression Heuristique", et patiente quelques minutes.
Lorsqu'il a terminé, ferme le rapport qui s'est ouvert

* Démarre le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK.
Clique exit pour fermer le programme BFU.
Recommence encore une fois.

* Démarre encore le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
* Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : Winsoftware.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
* Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK.
* Clique exit pour fermer le programme BFU.
Recommence encore une fois


* Démarrer -> panneau de configuration -> options internet

Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd"

=> Supprime-les tous

* lance Ccleaner pour un nettoyage complet.

* redémarre normalement et poste le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\

Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.
0
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009
1 >
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009

désolé pour le retard, voici le rapport navipromo

Rapport Navipromo.bat 0.71 effectué le dim. 01/04/2007 à 12:32:47,62
L'opération se déroule en mode sans échec sous le compte "Utilisateur"

** Recherche...

1/ rubwqnlhxe trouvé, recherche de rubwqnlhxe*
C:\WINDOWS\SYSTEM32\rubwqnlhxe.dat
C:\WINDOWS\SYSTEM32\rubwqnlhxe.exe
C:\WINDOWS\SYSTEM32\rubwqnlhxe_nav.dat
C:\WINDOWS\SYSTEM32\rubwqnlhxe_navps.dat
C:\WINDOWS\prefetch\RUBWQNLHXE.EXE-0589B6AC.pf

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
rubwqnlhxe REG_SZ c:\windows\system32\rubwqnlhxe.exe rubwqnlhxe

------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode

################################################

** Nettoyage...

1/ Déplacement de rubwqnlhxe* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\rubwqnlhxe* déplacé avec succès !
C:\WINDOWS\prefetch\rubwqnlhxe* déplacé avec succès

------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées


* Backups :

C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\pack.epk
C:\Navipromo\Backups\rubwqnlhxe.dat
C:\Navipromo\Backups\rubwqnlhxe.exe
C:\Navipromo\Backups\RUBWQNLHXE.EXE-0589B6AC.pf
C:\Navipromo\Backups\rubwqnlhxe_nav.dat
C:\Navipromo\Backups\rubwqnlhxe_navps.dat
C:\Navipromo\Backups\Uninstall.reg

Ajout d'extension .off aux backups

## Fin du rapport de Suppression
0
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206 >
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009

bonsoir,

* Télécharge HijackThis et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
0
Messages postés
42
Date d'inscription
mercredi 28 mars 2007
Statut
Membre
Dernière intervention
5 juillet 2009
1 >
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009

Logfile of HijackThis v1.99.1
Scan saved at 0:48:34, on 2/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Icons\SetIcon.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Makro Offline Software\Agent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\AVerTV USB 2.0 Plus\QuickTV.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", ""); (C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Profiles\default\t1sj9twz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Profiles\default\t1sj9twz.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Sun ONE Synchronization - PocketPC] C:\Program Files\Fichiers communs\XCPCSync\Translators\PocketPC\AutoDetect.exe
O4 - HKLM\..\Run: [Sun ONE Synchronization - MSWinCE2] C:\Program Files\Fichiers communs\XCPCSync\Translators\MSWinCE2\AutoDetect.exe
O4 - HKLM\..\Run: [Sun ONE Synchronization - iPlanet] C:\Program Files\Fichiers communs\XCPCSync\Translators\iPlanet\iPlanetTray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] C:\Program Files\Makro Offline Software\Agent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: AVerTV USB 2.0.lnk = C:\Program Files\AVerTV USB 2.0 Plus\QuickTV.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Golden Riviera Poker - {85BFB6E0-96F9-4424-8819-1D67E9F78D33} - C:\Program Files\goldenrivieraMPP\MPPoker.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0719a800677a3538c622/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB
O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - https://pay.banxafe.be/cab/ElementMisterCash.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.com/clients/ImageUploader3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp01.photoprintit.de/microsite/1456/defaults/activex/IPSUploader.cab
O18 - Protocol: bw+0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - BackWeb Technologies Inc. - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
0
Messages postés
42
Date d'inscription
mardi 27 mars 2007
Statut
Membre
Dernière intervention
20 janvier 2011
2
il y a un bon logiciel c le firewall c des farre et tu demande si tu

veut des fenétre de pub ou pas!!!!!!!!

aller A+ et bonne chance
0
Messages postés
94
Date d'inscription
lundi 3 octobre 2005
Statut
Membre
Dernière intervention
8 mars 2009
2
Salut

malheureusement tu ne levera pas tes fenetres de cette manière mais seulement en changeant la politique d'affichage des fenetres et popup dans IE7.

Un bon parfeu peut aussi faire ce travail pour eviter que tu soit trop polué

Pour paramatrer IE7 je ne sais pas faire mais avec firefox cela est tres simple (a bon entendeur). Pour le parfeu, zone alarme c debrouille pas mal non plus

A+
0
Messages postés
12837
Date d'inscription
mercredi 3 janvier 2007
Statut
Contributeur sécurité
Dernière intervention
8 décembre 2009
206
bonsoir,

tu connais
C:\Program Files\mrbookmakerfrMPP\MPPoker.exe
C:\Program Files\goldenrivieraMPP\MPPoker.exe
C:\Program Files\CDPoker\casino.exe
C:\Program Files\UnibetpokerMPP\MPPoker.exe

* lance hijackthis pour un "scan seulement" puis coche ces lignes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe ---si tu ne t'en sers pas
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0719a800677a3538c622/netzip/RdxIE601_fr.cab
O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB
O16 - DPF: {8E7E8EAE-71FF-11D3-B4D2-0060086460F0} (ElementMisterCash1 Class) - https://pay.banxafe.be/cab/ElementMisterCash.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.com/clients/ImageUploader3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp01.photoprintit.de/microsite/1456/defaults/activex/IPSUploader.cab
O18 - Protocol: bw+0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1082E0A3-5621-46D4-8C36-5057481488AA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

* ferme toutes les applications ouvertes y compris IE et clique sur "fixer objet"

reposte un nouveau rapport hijackthis
0