> Tous les forumsSécurité

 problème avec clickme !!!
Statut du sujet : NON RESOLU Imprimer
 many79
  Posté le 14/04/2006 @ 20:41  
 Petite astucienne

8 Messages
Bonjour à tous, Voilà ce qui m'amène ici : j'ai choppé un spyware nommé CLICKME après qu'un ami est autorisé une pub sur mon PC en cliquant dessus... Depuis voici les symptômes : - Page d'accueil Internet Explorer modifiée - apparition de nouveaux icônes sur le bureau - affichage intempestifs de pop-up - affichage d'images d'alerte qui quand on clique dessus nous redirige vers des sites destinés à nous faire acheter des antispyware... - affichage de pop-up de sites X et de jeux d'argent en ligne... - Retours windows lorsque je suis loguée sur mon jeu en ligne à cause des pop-ups qui apparaissent, - Et depuis mon anti-virus (Norman) n'arrêtes pas de dénicher des virus (trojans) qu'il supprime ou met en quarantaine...Celui-ci notamment revient très souvant : W32/AgentXZD... Enfin voilà j'aimerais me débarraser de cette saleté avant qu'elle ne provoque des dégâts sur mon ordinateur !!! J'ai passé un coup de Spybot et de HijackThis mais je m'y connaît trop peu en informatique pour pouvoir décoder ça toute seule :/ Et j'ai peur de faire de mauvaises manipulations... Je me permets de poster mon filelog HijackThis, si vous pouviez y jeter un oeil et me dire ce qui cloche je vous en serais très reconnaissante^^ Logfile of HijackThis v1.99.1 Scan saved at 20:39:15, on 14/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\mssearchnet.exe C:\WINDOWS\system32\nvctrl.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Norman\bin\ZLH.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\apps\ABoard\AOSD.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Norman\bin\ZANDA.EXE C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe C:\Norman\Nvc\BIN\NIP.EXE C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\wscntfy.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\nipsvc.exe C:\Norman\bin\NJEEVES.EXE C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\WINDOWS\System32\alg.exe C:\Norman\Nvc\bin\cclaw.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\microsoft office\Office\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Sannier\Mes documents\MELANIE\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.exactsearch.net/sidesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 216.107.242.195 l2authd.lineage2.com O2 - BHO: Nothing - {8d83b16e-0de1-452b-ac52-96ec0b34aa4b} - C:\WINDOWS\system32\hpB0F0.tmp O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing) O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_18_0.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\\\01.02.5000.1021\fr\msntb.dll (file missing) O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [DJ Console] C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe -hide O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [SFS6] "C:\Program Files\Steganos Secure FileSharing 6\sfs.exe" /booting O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119984607437 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A763D4D4-0073-4F11-A139-189B95ED6060}: NameServer = 84.103.237.145 86.64.145.145 O18 - Protocol: bw+0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: winjyg32 - C:\WINDOWS\SYSTEM32\winjyg32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE O23 - Service: NTBOOTMGR (NTBOOT) - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe O23 - Service: NTLOAD - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe O23 - Service: NTSVCMGR - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Merci beaucoup [hello]
 Afficher le profil de many79Envoyer un message privé à many79
 
 
Publicité
 bernie50  Posté le 14/04/2006 à 20:53  
Astucien

2236 Messages
Bonsoir, Télécharge Ewido http://www.ewido.net/fr/download/ Tu l'installes et tu le mets à jour. Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu". [smile][bigsmile][clindoeil] Fais un scan et poste son rapport relance HijackThis et poste également le rapport.
Afficher le profil de bernie50 Voir la configuration de bernie50Envoyer un message privé à bernie50
  Revenir en haut de la page
 many79  Posté le 14/04/2006 à 21:28  
Petite astucienne

8 Messages
Merci beaucoup Bernie pour cette réponse rapide^^ J'ai installé Ewido, je lancerais le scan demain certainement en fin d'après-midi et je ne manquerais pas de poster le rapport... Juste 2 petites dernières questions : - Je dois lancer un scanner complet du système? - dois-je tenir compte du pop up "fichier infecté touvé !" ou dois-je simplement me contenter, pour le moment, de faire juste un scan? Merci beaucoup en tout cas, j'espères que ce problème va être résolu...
Afficher le profil de many79Envoyer un message privé à many79
 Revenir en haut de la page
 many79  Posté le 15/04/2006 à 12:57  
Petite astucienne

8 Messages
Ca y est j'ai fait un scanner avec ewido mais les boutons "sauver le rapport" et "voir le rapport" sont grisés je ne peux donc pas cliquer dessus...Est-ce normal? Comment je fais dans ce cas là pour poster le rapport ? Pour infos : le scanner Ewido a trouvé 207 objets infectés...J'ai fait un scanner complet du système. Merci de me répondre Bernie ou quelqu'un d'autre [smile]
Afficher le profil de many79Envoyer un message privé à many79
 Revenir en haut de la page
 many79  Posté le 15/04/2006 à 13:10  
Petite astucienne

8 Messages
Ha non désolée j'ai posté trop vite [clindoeil] J'ai trouvé ^^ Voici mon rapport avec Ewido : --------------------------------------------------------- ewido Anti-Malware - Rapport de scan --------------------------------------------------------- + Créé le: 12:57:32, 15/04/2006 + Somme de contrôle: A5F6A0AD + Résultats du scan: HKLM\SOFTWARE\Altnet -> Adware.Altnet : Ignoré HKLM\SOFTWARE\Aureate -> Adware.Aureate : Ignoré HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Bargains -> Adware.BargainBuddy : Ignoré HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré HKLM\SOFTWARE\Classes\ISTbar.BarObj -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\ISTbar.BarObj\CLSID -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : Ignoré HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : Ignoré HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : Ignoré HKLM\SOFTWARE\Classes\sPeerDll.sPeerDllObj -> Adware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\sPeerDll.sPeerDllObj\CLSID -> Adware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\sPeerDll.sPeerDllObj\CurVer -> Adware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\sPeerDll.sPeerDllObj.1 -> Adware.BetterInternet : Ignoré HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag\CLSID -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag\CurVer -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag.1 -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Classes\WinRes.WindowsResources -> Adware.CoolWebSearch : Ignoré HKLM\SOFTWARE\Classes\WinRes.WindowsResources\CLSID -> Adware.CoolWebSearch : Ignoré HKLM\SOFTWARE\Classes\WinRes.WindowsResources\CurVer -> Adware.CoolWebSearch : Ignoré HKLM\SOFTWARE\Classes\WinRes.WindowsResources.1 -> Adware.CoolWebSearch : Ignoré HKLM\SOFTWARE\eXactUtil -> Adware.BargainBuddy : Ignoré HKLM\SOFTWARE\ISTbar -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\ISTbar\Historyfiles -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\ISTbar\Historystring -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\ISTsvc -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\ISTsvc\history -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Media Access -> Adware.WinAD : Ignoré HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BargainBuddy -> Adware.BargainBuddy : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Adware.MoneyTree : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbar -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc -> Adware.ISTBar : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Access -> Adware.WinAD : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NaviSearch -> Adware.NaviSearch : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind -> Adware.SideFind : Ignoré HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speer -> Adware.BetterInternet : Ignoré HKLM\SOFTWARE\NaviSearch -> Adware.NaviSearch : Ignoré HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Ignoré HKLM\SOFTWARE\PowerScan -> Adware.PowerScan : Ignoré HKLM\SOFTWARE\SideFind -> Adware.SideFind : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Aureate -> Adware.Aureate : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Aureate\Advertising -> Adware.Aureate : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Aureate\Advertising\Demographics -> Adware.Aureate : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Avenue Media -> Adware.InternetOptimizer : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\IST -> Adware.ISTBar : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Adware.InternetOptimizer : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\PowerScan -> Adware.PowerScan : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\sPeer -> Adware.BetterInternet : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006\Software\Classes\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D} -> Adware.SpywareQuake : Ignoré HKU\S-1-5-21-3379964304-260296149-3190925828-1006_Classes\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D} -> Adware.SpywareQuake : Ignoré [3128] C:\WINDOWS\system32\stickrep.dll -> Not-A-Virus.Hoax.Win32.Renos.cc : Ignoré [3572] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe -> Trojan.Dialer.is : Ignoré C:\b.tmp/rebates.exe -> Adware.WinAD : Ignoré C:\b.tmp/toolbar.exe -> Trojan.Crypt.e : Ignoré C:\b.tmp/rebates.exe -> Adware.WinAD : Ignoré C:\b.tmp/toolbar.exe -> Trojan.Crypt.e : Ignoré C:\Documents and Settings\Julien\Cookies\julien@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignoré C:\Documents and Settings\Julien\Cookies\julien@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré C:\Documents and Settings\Melanie\Local Settings\Temp\drp1.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Melanie\Local Settings\Temp\THI2F18.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Melanie\Local Settings\Temporary Internet Files\Content.IE5\M3MDITSD\thnall1s[1].exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@2o7[2].txt -> TrackingCookie.2o7 : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@adtech[2].txt -> TrackingCookie.Adtech : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@advertising[2].txt -> TrackingCookie.Advertising : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@as1.falkag[1].txt -> TrackingCookie.Falkag : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@com[1].txt -> TrackingCookie.Com : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@estat[1].txt -> TrackingCookie.Estat : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@findwhat[1].txt -> TrackingCookie.Findwhat : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@ivwbox[1].txt -> TrackingCookie.Ivwbox : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@overture[2].txt -> TrackingCookie.Overture : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@perf.overture[1].txt -> TrackingCookie.Overture : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@servedby.advertising[2].txt -> TrackingCookie.Advertising : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@valueclick[2].txt -> TrackingCookie.Valueclick : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@weborama[2].txt -> TrackingCookie.Weborama : Ignoré C:\Documents and Settings\Pierre\Cookies\pierre@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@2o7[1].txt -> TrackingCookie.2o7 : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@adtech[2].txt -> TrackingCookie.Adtech : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@advertising[1].txt -> TrackingCookie.Advertising : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@as-us.falkag[1].txt -> TrackingCookie.Falkag : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@as1.falkag[1].txt -> TrackingCookie.Falkag : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@bfast[2].txt -> TrackingCookie.Bfast : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@clickbank[1].txt -> TrackingCookie.Clickbank : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@com[2].txt -> TrackingCookie.Com : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@edge.ru4[2].txt -> TrackingCookie.Ru4 : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@ehg-franceloisirs.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@estat[1].txt -> TrackingCookie.Estat : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@overture[2].txt -> TrackingCookie.Overture : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@paypopup[2].txt -> TrackingCookie.Paypopup : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@perf.overture[1].txt -> TrackingCookie.Overture : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@questionmarket[2].txt -> TrackingCookie.Questionmarket : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@revenue[2].txt -> TrackingCookie.Revenue : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@spylog[2].txt -> TrackingCookie.Spylog : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@tacoda[2].txt -> TrackingCookie.Tacoda : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@valueclick[1].txt -> TrackingCookie.Valueclick : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@weborama[2].txt -> TrackingCookie.Weborama : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@wreport.weborama[2].txt -> TrackingCookie.Weborama : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@www.etracker[1].txt -> TrackingCookie.Etracker : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@z1.adserver[1].txt -> TrackingCookie.Adserver : Ignoré C:\Documents and Settings\Sannier\Cookies\sannier@zedo[2].txt -> TrackingCookie.Zedo : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\Cookies\sannier@as1.falkag[1].txt -> TrackingCookie.Falkag : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\Cookies\sannier@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\Cookies\sannier@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\Cookies\sannier@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\Cookies\sannier@z1.adserver[1].txt -> TrackingCookie.Adserver : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp1.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp2.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp3.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp4.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp5.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp6.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp7.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp8.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drp9.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drpA.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\drpB.tmp\thnall1s.exe -> Adware.BetterInternet : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI1120.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI2363.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI2536.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI2D6E.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI33F8.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI36E8.tmp\speer.cab/speeryox.dll -> Adware.BiSpy : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI3CD1.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI3F29.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI62C8.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI6F1F.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI70B3.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THI7A7C.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temp\THIDE1.tmp\morphstb.cab/morphstb.exe -> Downloader.Stubby.c : Ignoré C:\Documents and Settings\Sannier\Local Settings\Temporary Internet Files\Content.IE5\CNNR6GTX\Install[1].exe -> Adware.Spysheriff : Ignoré C:\Documents and Settings\Sannier\Menu Démarrer\Programmes\Power Scan -> Adware.PowerScan : Ignoré C:\Documents and Settings\Sannier\Menu Démarrer\Programmes\Power Scan\Power Scan.lnk -> Adware.PowerScan : Ignoré C:\Documents and Settings\Sannier\Mes documents\Mes images\POND D'ECRAN\Midnight_s_Inst-53.exe -> Adware.Gator : Ignoré C:\Documents and Settings\Sannier\Mes documents\TELECHARGEMENT\Install.exe -> Adware.Spysheriff : Ignoré C:\Program Files\Altnet -> Adware.Altnet : Ignoré C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Ignoré C:\Program Files\BullsEye Network -> Adware.BargainBuddy : Ignoré C:\Program Files\BullsEye Network\bin -> Adware.BargainBuddy : Ignoré C:\Program Files\BullsEye Network\Uninstall.exe -> Adware.BargainBuddy : Ignoré C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Ignoré C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Ignoré C:\Program Files\ISTbar -> Adware.ISTBar : Ignoré C:\Program Files\ISTbar\imagemap_normal.bmp -> Adware.ISTBar : Ignoré C:\Program Files\ISTbar\imagemap_over.bmp -> Adware.ISTBar : Ignoré C:\Program Files\ISTbar\version.txt -> Adware.ISTBar : Ignoré C:\Program Files\ISTbar\xml_istbar.xml -> Adware.ISTBar : Ignoré C:\Program Files\ISTsvc -> Adware.ISTBar : Ignoré C:\Program Files\Media Access -> Adware.MediaAccess : Ignoré C:\Program Files\Media Access\Info.txt -> Adware.MediaAccess : Ignoré C:\Program Files\NavExcel\NavHelper\v2.0.4a\NHelper.dll -> Adware.NavExcel : Ignoré C:\Program Files\NavExcel\NavHelper\v2.0.4a\v2.0.4a.cab/NHelper.dll -> Adware.NavExcel : Ignoré C:\Program Files\NavExcel\NavHelper\v2.0.4a\v2.0.4a.cab/NHUninstaller.exe -> Adware.NavExcel : Ignoré C:\Program Files\NavExcel\NavHelper\v2.0.4a\v2.0.4a.cab/NHUpdater.exe -> Adware.NavExcel : Ignoré C:\Program Files\NaviSearch -> Adware.BargainBuddy : Ignoré C:\Program Files\NaviSearch\ad.dat -> Adware.BargainBuddy : Ignoré C:\Program Files\NaviSearch\bin -> Adware.BargainBuddy : Ignoré C:\Program Files\NaviSearch\Uninstall.exe -> Adware.BargainBuddy : Ignoré C:\Program Files\Power Scan -> Adware.PowerScan : Ignoré C:\Program Files\SideFind -> Adware.SideFind : Ignoré C:\Program Files\SideFind\sfexd001 -> Adware.SideFind : Ignoré C:\Program Files\SideFind\update -> Adware.SideFind : Ignoré C:\Program Files\SpywareQuake -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\blacklist.txt -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\Lang -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\Lang\English.ini -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\Logs -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\msvcp71.dll -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\msvcr71.dll -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\Quarantine -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\ref.dat -> Adware.SpywareQuake : Ignoré C:\Program Files\SpywareQuake\SpywareQuake.url -> Adware.SpywareQuake : Ignoré C:\Program Files\WAV to MP3 Encoder\installer_M3_2.exe -> Downloader.Adload.a : Ignoré C:\Program Files\WAV to MP3 Encoder\NH20040517.4a.EE.exe/NHInstall.exe -> Adware.NavExcel : Ignoré C:\WINDOWS\system\DRIVER\ntauth.dll -> Backdoor.Zapchast : Ignoré C:\WINDOWS\system\DRIVER\setup.bat -> Trojan.Zapchast : Ignoré C:\WINDOWS\system32\1024\ld17A6.tmp -> Not-A-Virus.Hoax.Win32.Renos.cc : Ignoré C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : Ignoré C:\WINDOWS\system32\exdl.exe -> Adware.BargainBuddy : Ignoré C:\WINDOWS\system32\mqexdlm.srg -> Adware.BargainBuddy : Ignoré C:\WINDOWS\system32\mssearchnet.exe -> Hijacker.SpyAxe : Ignoré C:\WINDOWS\system32\nvctrl.exe -> Hijacker.SpyAxe : Ignoré C:\WINDOWS\system32\stickrep.dll -> Trojan.Small : Ignoré ::Fin du rapport Et voici celui avec HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 13:00:01, on 15/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\ewido Anti-Malware\ewidoctrl.exe C:\Norman\bin\ZANDA.EXE C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\nipsvc.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\bin\NJEEVES.EXE C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\mssearchnet.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\nvctrl.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\Norman\bin\ZLH.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\apps\ABoard\AOSD.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Norman\Nvc\BIN\NIP.EXE C:\Norman\Nvc\bin\cclaw.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\ewido Anti-Malware\SecuritySuite.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Sannier\Mes documents\MELANIE\HijackThis.exe C:\WINDOWS\TEMP\winC6.tmp.exe C:\WINDOWS\system32\clickme.exe C:\WINDOWS\slrundll.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.exactsearch.net/sidesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 216.107.242.195 l2authd.lineage2.com O2 - BHO: Nothing - {8d83b16e-0de1-452b-ac52-96ec0b34aa4b} - C:\WINDOWS\system32\hpDCC.tmp O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing) O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_18_0.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\\01.02.5000.1021\fr\msntb.dll (file missing) O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [DJ Console] C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe -hide O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [E-nrgyPlus] C:\Program Files\E-nrgyPlus\E-nrgyPlus.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [SFS6] "C:\Program Files\Steganos Secure FileSharing 6\sfs.exe" /booting O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119984607437 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A763D4D4-0073-4F11-A139-189B95ED6060}: NameServer = 86.64.145.144 84.103.237.144 O18 - Protocol: bw+0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {C35410DF-02E2-436C-82B7-FD2451EA0F70} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: winjyg32 - C:\WINDOWS\SYSTEM32\winjyg32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido Anti-Malware\ewidoctrl.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE O23 - Service: NTBOOTMGR (NTBOOT) - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe O23 - Service: NTLOAD - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe O23 - Service: NTSVCMGR - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe PS : j'ai trouvé le fichier CLICKME Dans mon disque C Voilà comment il se compose : [img]http://img142.imageshack.us/img142/9000/proprietesclickme7bg.jpg[/img] [img width=650 height=487]http://img86.imageshack.us/img86/6088/dossierclickme2ei.jpg[/img] Est-ce qu'il suffit juste de le supprimer à cet endroit là ou est-ce plus compliqué que ça ?? Je ne le trouve pas dans la liste "ajouter-supprimer des programmes" du panneau de configuration... Merci de votre aide [hello]
Afficher le profil de many79Envoyer un message privé à many79
 Revenir en haut de la page
 many79  Posté le 15/04/2006 à 13:53  
Petite astucienne

8 Messages
J'ai aussi ce message d'erreur qui s'affiche très souvent : [img]http://img92.imageshack.us/img92/3079/messerreur9sv.jpg[/img] Qu'est ce que cela veut dire ??? Serait-ce dû à un des spywares contenus dans mon PC ? Merci
Afficher le profil de many79Envoyer un message privé à many79
 Revenir en haut de la page
 many79  Posté le 18/04/2006 à 23:10  
Petite astucienne

8 Messages
Bernie ??? Tu m'as abandonné ??? [triste]
Afficher le profil de many79Envoyer un message privé à many79
 Revenir en haut de la page
Haut de la page 
Inscrivez-vous !
- Posez vos questions

- Résolvez vos problèmes

- Aidez les autres

- Participez et créez vos discussions

- Dialoguez en privé avec d'autres membres

- Suivez vos sujets préférés

- Affichez les signatures des membres

TOUT EST GRATUIT !

Je crée mon compte



Vous avez besoin d'aide ?
Des centaines d'experts sont à votre disposition sur les forums PC Astuces pour vous aider gratuitement, 24h/24, 7j/7.

Les derniers sujets résolus !
 

 > Tous les forumsSécurité

 
Forum PC Astuces© 1997-2008 WebastucesAller en haut de la page