Sujet Précédent Sujet Suivant

Infecté par grazy girls

Fermé
paypay - 9 juil. 2007 à 14:14
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 - 13 juil. 2007 à 13:50
je suis en permanence attaquer par crazy girls et d'autres services il s'ajoute a mon bureau et quand je les suprimes ils reviennes j'ai scanner plusieurs fois mon pc avec:avast ,spybot, mc afee,spyware dextructor...mais ils n'ont trouve que des cookies traceur nommes"pc-on-internet".
merci de m'aider!

18 réponses

Réponse 1 / 18
paypay
9 juil. 2007 à 15:06
j'ai scanner mon pc avec hijackthis et voila mon rapport:Logfile of HijackThis v1.99.1
Scan saved at 13:50:37, on 09/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Windows Defender\MsMpEng.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\LEXBCES.EXE
H:\WINDOWS\system32\spoolsv.exe
h:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
H:\WINDOWS\system32\LEXPPS.EXE
H:\WINDOWS\System32\FTRTSVC.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Network Associates\Common Framework\FrameworkService.exe
H:\Program Files\Network Associates\VirusScan\Mcshield.exe
H:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
H:\Program Files\SiteAdvisor\6066\SAService.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
H:\Program Files\SiteAdvisor\6066\SiteAdv.exe
H:\Program Files\SPAMfighter\SFAgent.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
H:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
H:\Program Files\MessengerSkinner\MessengerSkinner.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Windows Media Player\WMPNSCFG.exe
H:\PROGRA~1\Wanadoo\ComComp.exe
H:\PROGRA~1\Wanadoo\Toaster.exe
H:\PROGRA~1\Wanadoo\Inactivity.exe
H:\PROGRA~1\Wanadoo\PollingModule.exe
H:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
H:\PROGRA~1\Wanadoo\Watch.exe
H:\WINDOWS\system32\drwtsn32.exe
H:\WINDOWS\system32\drwtsn32.exe
H:\WINDOWS\system32\drwtsn32.exe
H:\WINDOWS\system32\linkprd.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\WINDOWS\system32\drwtsn32.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - H:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Pop-Up Stopper] "H:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SiteAdvisor] H:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "H:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Orange Desktop Search] "H:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WOOKIT] H:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [messengerskinner] H:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] H:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Instant Access] H:\WINDOWS\system32\linkprd.exe /resO4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/insaniquarium/Oberongamesloader.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1798812D-F0F5-4192-A9BD-1A148B2DF56E}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{1798812D-F0F5-4192-A9BD-1A148B2DF56E}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bw+0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - H:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - H:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - h:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - H:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - H:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - H:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - H:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - H:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - H:\Program Files\Windows Live\installer\WLSetupSvc.exe
j'ai mis en gras la parti infectée
0
Réponse 2 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 juil. 2007 à 15:14
Clique sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Clique sur navilog1.zip pour télécharger navilog1.exe.

Choisis Enregistrer

et enregistre-le sur ton bureau.

Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
Réponse 3 / 18
paypay
9 juil. 2007 à 15:25
je suis les instructins mais il me dit"fichier process.exe absent"
Que doi-je faire?
0
Réponse 4 / 18
paypay
9 juil. 2007 à 15:27
j'ai réinstaller avilog comme demandé mais ça na marche toujours pas
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 juil. 2007 à 15:34
supprime le et recommence
si cela ne marche toujours pas fais ceci
Télécharge Blacklight (le 1er de la page)
https://europe.f-secure.com/exclude/blacklight/index.shtml


Enregistre le sur ton Bureau.
Double-clique fsbl.exe
Clique sur "I ACCEPT" .
clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

poste ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite car des fichiers légitimes peuvent être présents, tel wbemtest.exe
0
Réponse 6 / 18
paypay
9 juil. 2007 à 15:50
voila le raport:

07/09/07 15:36:24 [Info]: BlackLight Engine 1.0.64 initialized
07/09/07 15:36:24 [Info]: OS: 5.1 build 2600 (Service Pack 2)
07/09/07 15:36:24 [Note]: 7019 4
07/09/07 15:36:24 [Note]: 7005 0
07/09/07 15:36:27 [Note]: 7006 0
07/09/07 15:36:27 [Note]: 7011 2564
07/09/07 15:36:28 [Note]: 7026 0
07/09/07 15:36:28 [Note]: 7026 0
07/09/07 15:36:28 [Note]: 7024 3
07/09/07 15:36:28 [Info]: Hidden process: H:\windows\system32\fkomnb.exe
07/09/07 15:36:31 [Note]: FSRAW library version 1.7.1022
07/09/07 15:36:31 [Note]: 2000 1012
07/09/07 15:36:31 [Note]: 2000 1012
07/09/07 15:45:57 [Info]: Hidden file: h:\WINDOWS\system32\fkomnb.dat
07/09/07 15:45:57 [Note]: 10002 1
07/09/07 15:45:57 [Info]: Hidden file: H:\windows\system32\fkomnb.exe
07/09/07 15:45:57 [Note]: 10002 1
07/09/07 15:45:57 [Info]: Hidden file: h:\WINDOWS\system32\fkomnb_nav.dat
07/09/07 15:45:57 [Note]: 10002 1
07/09/07 15:45:57 [Info]: Hidden file: h:\WINDOWS\system32\fkomnb_navps.dat
07/09/07 15:45:57 [Note]: 10002 1
07/09/07 15:49:33 [Note]: 7007 0
0
Réponse 7 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 juil. 2007 à 15:54
Comment aller en Mode sans échec lettre C
https://forum.pcastuces.com/sujet.asp?f=25&s=3902

· Télécharge Brute Force Uninstaller (de Merjin)
http://www.merijn.org/files/bfu.zip
et décompresse-le dans un dossier propre à lui (C:\BFU).
Fais un clic droit de souris sur ce lien :
http://metallica.geekstogo.com/EGDACCESS.bfu

et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..") afin de télécharger EGDACCESS.bfu, Type "Tous les fichiers". Sauvegarde dans le dossier créé (C:\BFU).

· Clic droit sur le lien suivant et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..")
afin de télécharger Winsoftware.bfu, Type "Tous les fichiers".
·
http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
Sauvegarde dans le dossier créé (c:\BFU)

· Télécharge Navipromo.zip (de Lazzzy)
· http://www.alt-shift-return.org/Info/Fichiers/Navipromo073.zip
et décompresse-le sur ton bureau.

· Copie la suite des instructions dans un fichier texte, sur ton bureau et Redémarre en mode sans échec
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou autre.
Lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau.


· Options :

Sélectionne l'option "Recherche et suppression automatique". Patiente.
·
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé puis valide en appuyant sur Entrée.
·
Relance l'outil, Sélectionne l'option "Suppression Heuristique", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.


Démarre le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : EGDACCESS.bfu
Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script exécution" apparaisse et clique sur OK. Clique exit pour fermer le programme BFU.

Recommence encore une fois l'exécution du script Egdaccess.BFU

Démarre encore le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : Winsoftware.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaisse et clique sur OK.
Clique exit pour fermer le programme BFU.

Recommence encore une fois

Démarrer -> panneau de configuration -> options internet.
o Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd

Supprime-les tous.

Redémarre normalement et poste le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\
0
Réponse 8 / 18
paypay
9 juil. 2007 à 18:17
voila le raport:

Rapport Navipromo.bat 0.73 effectué le 09/07/2007 à 17:54:42,15
H:\Documents and Settings\pierre-henri\Bureau
L'opération se déroule en mode sans échec sous le compte "pierre-henri"

** Recherche...

1/ fkomnb trouvé, recherche de fkomnb*
H:\WINDOWS\system32\fkomnb.dat
H:\WINDOWS\system32\fkomnb.exe
H:\WINDOWS\system32\fkomnb_nav.dat
H:\WINDOWS\system32\fkomnb_navps.dat
H:\WINDOWS\prefetch\FKOMNB.EXE-0C457D12.pf

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
fkomnb REG_SZ h:\windows\system32\fkomnb.exe fkomnb

------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode

################################################

** Nettoyage...

1/ Déplacement de fkomnb* vers H:\Navipromo\Backups...
H:\WINDOWS\System32\fkomnb* déplacé avec succès !
H:\WINDOWS\prefetch\fkomnb* déplacé avec succès

------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées


* Backups :

H:\Navipromo\Backups\ARPCache.reg
H:\Navipromo\Backups\fkomnb.dat
H:\Navipromo\Backups\fkomnb.exe
H:\Navipromo\Backups\FKOMNB.EXE-0C457D12.pf
H:\Navipromo\Backups\fkomnb_nav.dat
H:\Navipromo\Backups\fkomnb_navps.dat
H:\Navipromo\Backups\HKCURun.reg
H:\Navipromo\Backups\HKLMRun.reg
H:\Navipromo\Backups\MessengerSkinner
H:\Navipromo\Backups\pack.epk
H:\Navipromo\Backups\Uninstall.reg
H:\Navipromo\Backups\MessengerSkinner\Userdata
H:\Navipromo\Backups\MessengerSkinner\Userdata\arnaudlepros@hotmail.fr
H:\Navipromo\Backups\MessengerSkinner\Userdata\defaultPack.cab
H:\Navipromo\Backups\MessengerSkinner\Userdata\Install_MessengerSkinner.zip
H:\Navipromo\Backups\MessengerSkinner\Userdata\languages.xml
H:\Navipromo\Backups\MessengerSkinner\Userdata\languages_v2.xml
H:\Navipromo\Backups\MessengerSkinner\Userdata\pack1.cab
H:\Navipromo\Backups\MessengerSkinner\Userdata\vincentdonjon@hotmail.fr
H:\Navipromo\Backups\MessengerSkinner\Userdata\arnaudlepros@hotmail.fr\funnyfacy
H:\Navipromo\Backups\MessengerSkinner\Userdata\vincentdonjon@hotmail.fr\funnyfacy

Ajout d'extension .off aux backups

## Fin du rapport de Suppression

-------------

Rapport Navipromo.bat 0.73 effectué le 09/07/2007 à 17:56:23,40
L'opération se déroule en mode sans échec sous le compte "pierre-henri"

## Suppression Heuristique

* Backups :

H:\Navipromo\Backups\Heuristic\linkprd.exe

Ajout d'extension .off aux backups
Backups exe renommés avec succès

## Fin du rapport Heuristique
pendand la supression des certificats je nai trouvé que "electronic-groupe"
0
Réponse 9 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
9 juil. 2007 à 19:24
comment va le PC?
encore des soucis?
poste un rapport hijack this pour contrôle
0
Réponse 10 / 18
paypay
10 juil. 2007 à 15:28
mon pc va bien plus de probleme et voila le raport:Logfile of HijackThis v1.99.1
Scan saved at 15:25:07, on 10/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Windows Defender\MsMpEng.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\LEXBCES.EXE
H:\WINDOWS\system32\spoolsv.exe
h:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
H:\WINDOWS\system32\LEXPPS.EXE
H:\WINDOWS\System32\FTRTSVC.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Network Associates\Common Framework\FrameworkService.exe
H:\Program Files\Network Associates\VirusScan\Mcshield.exe
H:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
H:\Program Files\SiteAdvisor\6066\SAService.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
H:\Program Files\SiteAdvisor\6066\SiteAdv.exe
H:\Program Files\SPAMfighter\SFAgent.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Windows Media Player\WMPNSCFG.exe
H:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
H:\PROGRA~1\Wanadoo\ComComp.exe
H:\PROGRA~1\Wanadoo\Toaster.exe
H:\PROGRA~1\Wanadoo\Inactivity.exe
H:\PROGRA~1\Wanadoo\PollingModule.exe
H:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
H:\PROGRA~1\Wanadoo\Watch.exe
H:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - H:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Pop-Up Stopper] "H:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SiteAdvisor] H:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "H:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Orange Desktop Search] "H:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [WOOKIT] H:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] H:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/insaniquarium/Oberongamesloader.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1798812D-F0F5-4192-A9BD-1A148B2DF56E}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{1798812D-F0F5-4192-A9BD-1A148B2DF56E}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - H:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - H:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - H:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - h:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - H:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - H:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - H:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - H:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - H:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - H:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 11 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
10 juil. 2007 à 16:39
lance hijack this pour un scan et coche les lignes suivantes
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - H:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/insaniquarium/Oberongamesloader.ca b
O18 - Protocol: bw+0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E44B3C31-50D4-4065-95F8-D968ED4B5325} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

ferme toutes tes fenêtres y compris internet et clic sur fixer l'objet

si tout va bien supprime tout ce qu'on a utilisé car ce ne sera plus utile désormais
passe un coup de ccleaner
https://www.pcastuces.com/logitheque/ccleaner.htm

faire un scan antivirus en ligne avec internet explorer et accepter l'activex

http://pandasoftware.fr
ou icil
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

poster le rapport ici ensuite
0
Réponse 12 / 18
paypay
10 juil. 2007 à 19:09
voila j'ai tout suprimé mais les lien proposés ne marché pas donc je suis allé sur le site et j'ai fait un scan
;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-07-10 19:05:09
PROTECTIONS: 1
MALWARE: 8
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 8.0.0.912 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Cookies\pierre-henri@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.xiti.com/]
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.fe.lea.lycos.fr/]
00167749 Cookie/Toplist TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.toplist.cz/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.adtech.de/]
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.stat.onestat.com/]
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.stat.onestat.com/]
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.stat.onestat.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.fl01.ct2.comclick.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No H:\Documents and Settings\pierre-henri\Application Data\Mozilla\Firefox\Profiles\1djnj1s4.default\cookies.txt[.overture.com/]
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Réponse 13 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
10 juil. 2007 à 19:37
si tout va bien supprime tout ce qu'on a utilisé car ce ne sera plus utile désormais
conserve néanmoins ccleaner et effectue le nettoyage tous les jours avant de couper le PC

installe ce logiciel très utile et scanne ton PC avec une fois par semaine au moins...
AVG Antispyware
https://www.avg.com/en-ww/free-antivirus-download

mode d'utilisation :
Lance AVG Anti-Spyware, mets le à jour,
Clique sur le bouton « Analyse »
Puis « Comment réagir », clique sur Actions recommandées. Sélectionne Quarantaine.
Retour à l'onglet Analyse.
Clique sur Analyse complète du système.
A la fin du scan, choisis " Appliquer toutes les actions "
Clique sur "Enregistrer le rapport". Le fichier texte se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.


tu peux le coupler avec celui-ci
spybot search and destroy
https://www.safer-networking.org/?page=download

défragmente

pense à bien te protéger, j'ai découvert ce lien qui est plutôt pas mal à ce sujet

https://forum.pcastuces.com/default.asp

désactive ta restauration
clique droit sur poste de travail/propriétés/coche la case désactiver la restauration, appliquer
redémarre ton PC
clique droit sur poste de travail/propriétés/décoche la case désactiver la restauration, appliquer
démarrer/tous les programmes/ outils système/ restauration du système/ créer un point de restauration


la sécurité c'est très important mais ne remplace pas l'internaute, un surf prudent en évitant le crack, les sites "chauds", permet déjà d'éviter bien des soucis, le P2P lui aussi est source d'infections...


et bon surf
0
Réponse 14 / 18
paypay
11 juil. 2007 à 13:47
me revoila spybot a detecté virtumonde c'est grave? faut t'il que je le suprimme?
0
Réponse 15 / 18
paypay
11 juil. 2007 à 14:14
et en plus avg anti spyware a detecté:adware trymedia,backdoor.skinymes.a et dropper.agent.asf.
0
Réponse 16 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
11 juil. 2007 à 18:18
Télécharge VundoFix.exe (par Atribune) sur ton Bureau
http://www.atribune.org/ccount/click.php?id=4
clic double sur VundoFix.exe afin de le lancer
clic sur le bouton Scan for Vundo
Lorsque le scan est complété, clic sur le bouton Remove Vundo
Une invite te demandera si tu veux supprimer les fichiers, clic YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer;
clic OK
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clic sur le bouton Scan for Vundo".
Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
0
Réponse 17 / 18
paypay
13 juil. 2007 à 10:26
voila il semble que mon ordi ne soit plus infecté alors merci beaucoup pour votre aide.
0
Réponse 18 / 18
papyber Messages postés 6406 Date d'inscription samedi 24 mars 2007 Statut Contributeur sécurité Dernière intervention 3 octobre 2010 257
13 juil. 2007 à 13:50
je te conseille néanmoins, mais c'est ton choix, de me poster les rapports obtenus ainsi qu'un nouvel hijack this
tu peux au pire des cas, effectuer un scan en ligne afin de t'assurer que tout est bien parti..Vundo étant une infection particulièrement rebelle!!
faire un scan antivirus en ligne avec internet explorer et accepter l'activex
poster le rapport ici ensuite
http://pandasoftware.fr
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
http://www.bitdefender.fr/scan8/ie.html
http://www.secuser.com/outils/antivirus.htm
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=fr&venid=sym
0

Discussions similaires

Virus détecté
Koony -
MisteryBean -

6 réponses
infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
y a t'il des virus qu'avast ne detecte pas
davivid -
Utilisateur anonyme -

24 réponses
mustapha
mustapha -
Ainillia -

1 réponse
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses