> Tous les forums > Forum Sécurité
 Pop-up CiD et pub intempestive
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
chrislec
  Posté le 14/03/2007 @ 20:58 
Aller en bas de la page 
Nouvel astucien

Salut à tous

Suivant les directives de CHERCHEUR ET MORGANE QUE JE REMERCIE SINCEREMENT...

revoicie le message plus les rapports de HIJACKTHIS ET LopxpMH

comme la plupart d'entre vous je suis depuis peu assaillie de pub 'CiD' après mettre inscrit et lu pas mal de vos questions et réponses , je me suis dit qu'il fallait que je (moi aussi) mette mon rapport, alors le voilà, après avoir télécharger HijackThis et lancer comme vous le dites voici mon rapport, je vois pas bien ce que je dois en faire....

Bien sur j'ai , (je pense) tout essayer

je possede CCleaner, Spybot, blaklight, windows defender, spyware, avast fam....et norton ghost mais ma derniere image date de l'année dernière (quel con je suis) et je ne voudrais pas revenir a cette date.

voici le rapport....: si vous pouviez me donner un coup de main a virer ces saloperies de pub intempestives....

MERCI

RAPPORT HIJACKTHIS

Logfile of HijackThis v1.99.1
Scan saved at 21:53:16, on 13/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9TE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vphc600.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo RX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE /P31 "EPSON Stylus Photo RX620 Series" /O6 "USB001" /M "Stylus Photo RX620"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [EPSON PictureMate 500] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9TE.EXE /P21 "EPSON PictureMate 500" /O6 "USB002" /M "PictureMate 500"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [phc650] C:\WINDOWS\vphc600.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [download one] C:\DOCUME~1\UTILIS~1\APPLIC~1\PROGRA~1\owns copy idol.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: Paramètres.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir client sur le moniteur &1 - C:\WINDOWS\web\AOpenClient.htm
O8 - Extra context menu item: Ouvrir client sur le moniteur &2 - C:\WINDOWS\web\AOpenClient.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.11/cfweb_activex.camfrogweb.com-advanced-2.0.1.11_instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://studiolec.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: Skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DirectX Service (DirectService) - Unknown owner - c:\windows\system32\directx.exe (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (file missing)

RAPPORT LopxpMH

Rapport fait à 20:49:45,53 le 14/03/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

23/11/2005 17:20 <REP> .
23/11/2005 17:20 <REP> ..
23/11/2005 17:20 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ154ÿ624 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data

23/11/2005 17:20 <REP> .
23/11/2005 17:20 <REP> ..
23/11/2005 17:20 <REP> Microsoft
23/11/2005 17:24 3ÿ712ÿ656 IconCache.db
1 fichier(s) 3ÿ712ÿ656 octets
3 R‚p(s) 21ÿ840ÿ150ÿ528 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\All Users\Application Data

15/11/2005 19:41 <REP> .
15/11/2005 19:41 <REP> ..
25/11/2005 20:11 <REP> Adobe
30/11/2006 19:33 <REP> Adobe Systems
15/11/2005 14:15 <REP> Ahead
16/11/2005 15:14 <REP> Apple Computer
30/06/2006 18:28 <REP> CopyPod
15/11/2005 14:10 <REP> CyberLink
24/11/2006 21:42 <REP> EnterNHelp
02/11/2006 13:02 <REP> Google
05/03/2007 21:04 <REP> Google Updater
07/02/2007 22:50 <REP> Lionhead Studios
27/12/2005 22:49 <REP> Macrovision
15/11/2005 19:41 <REP> Microsoft
19/11/2006 10:52 <REP> Motive
18/02/2007 13:12 <REP> MotiveSysIDs
24/03/2006 18:53 <REP> nView_Profiles
13/01/2007 10:02 <REP> OrbNetworks
26/12/2005 11:43 <REP> PACE Anti-Piracy
28/11/2006 19:50 <REP> RoboForm
16/11/2005 17:04 <REP> SBT
02/07/2006 17:11 <REP> Skype
10/04/2006 16:12 <REP> Sony Corporation
29/12/2006 22:56 <REP> Spybot - Search & Destroy
07/04/2006 20:10 <REP> Symantec
05/03/2007 19:03 <REP> tons license platform book
16/11/2005 14:02 <REP> UDL
24/11/2006 21:42 <REP> Ultima_T15
09/06/2006 22:33 <REP> Vivendi Universal Games
15/11/2005 14:32 <REP> Windows Genuine Advantage
23/11/2006 18:47 <REP> Yahoo!
15/11/2005 19:42 62 desktop.ini
24/11/2006 21:42 20 PKP_DLbz.DAT
03/12/2005 09:08 1ÿ755 QTSBandwidthCache
3 fichier(s) 1ÿ837 octets
31 R‚p(s) 21ÿ840ÿ150ÿ528 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\Default User\Application Data

15/11/2005 19:41 <REP> .
15/11/2005 19:41 <REP> ..
15/11/2005 19:41 <REP> Microsoft
15/11/2005 19:42 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 21ÿ840ÿ150ÿ528 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

15/11/2005 19:42 <REP> .
15/11/2005 19:42 <REP> ..
15/11/2005 18:53 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ150ÿ528 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\LocalService\Application Data

15/11/2005 18:58 <REP> .
15/11/2005 18:58 <REP> ..
15/11/2005 18:58 <REP> Microsoft
02/06/2006 18:49 <REP> Webroot
0 fichier(s) 0 octets
4 R‚p(s) 21ÿ840ÿ146ÿ432 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

15/11/2005 18:58 <REP> .
15/11/2005 18:58 <REP> ..
15/11/2005 18:58 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ146ÿ432 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

15/11/2005 18:56 <REP> .
15/11/2005 18:56 <REP> ..
15/11/2005 18:56 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ146ÿ432 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

15/11/2005 18:56 <REP> .
15/11/2005 18:56 <REP> ..
15/11/2005 18:56 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ146ÿ432 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\SYSTEM

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\utilisateur\Application Data

15/11/2005 18:59 <REP> .
15/11/2005 18:59 <REP> ..
30/03/2006 19:05 <REP> 3M
16/11/2005 19:04 <REP> Adobe
20/03/2006 10:48 <REP> AdobeUM
16/12/2005 20:34 <REP> Ahead
16/11/2005 15:15 <REP> Apple Computer
18/11/2005 20:22 <REP> ArcSoft
05/03/2007 19:03 <REP> BitDownload
03/01/2007 22:31 <REP> CamfrogWEB
19/08/2006 20:34 <REP> CamTrack
16/11/2005 16:54 <REP> Canon
15/11/2005 16:49 <REP> CyberLink
02/02/2006 14:40 <REP> EoRezo
17/11/2005 11:05 <REP> EPSON
16/11/2005 15:18 <REP> Google
04/01/2006 11:45 <REP> Help
27/10/2006 22:48 <REP> ICQ Toolbar
15/11/2005 18:59 <REP> Identities
07/04/2006 20:19 <REP> IsolatedStorage
24/11/2006 09:18 <REP> iView
06/07/2006 22:19 <REP> Lionhead Studios
06/09/2006 17:37 <REP> Logitech
18/11/2005 22:42 <REP> Macromedia
10/03/2007 15:43 <REP> Media Player Classic
15/11/2005 18:59 <REP> Microsoft
16/11/2005 17:01 <REP> Microsoft Web Folders
20/11/2006 05:26 <REP> Motive
09/12/2005 21:53 <REP> Mozilla
18/02/2006 16:20 <REP> NetMedia Providers
24/11/2006 21:41 <REP> Nikon
18/04/2006 10:59 <REP> Nvu
18/04/2006 10:16 <REP> OpenOffice.org1.9.104
10/04/2006 17:02 <REP> OpenOffice.org2
30/11/2006 19:28 <REP> Opera
26/12/2005 11:43 <REP> PACE Anti-Piracy
05/03/2007 19:03 <REP> Program Ace
18/02/2006 16:20 <REP> Publish Providers
02/07/2006 17:11 <REP> Skype
18/02/2006 16:20 <REP> Sonic Foundry
10/04/2006 16:12 <REP> Sony Corporation
22/11/2005 15:18 <REP> Sun
11/03/2006 14:05 <REP> Talkback
09/12/2005 21:55 <REP> Thunderbird
12/04/2006 08:55 <REP> Wallpaper
15/11/2005 18:59 62 desktop.ini
06/06/2006 10:50 70ÿ568 GDIPFONTCACHEV1.DAT
2 fichier(s) 70ÿ630 octets
45 R‚p(s) 21ÿ840ÿ146ÿ432 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Documents and Settings\utilisateur\Local Settings\Application Data

15/11/2005 18:59 <REP> .
15/11/2005 18:59 <REP> ..
20/03/2006 09:51 <REP> Adobe
20/11/2005 11:05 <REP> Ahead
16/11/2005 15:15 <REP> Apple Computer
07/04/2006 20:19 <REP> ApplicationHistory
09/12/2005 21:33 <REP> Google
26/12/2005 12:03 <REP> GuYs2Vdk
04/01/2006 11:45 <REP> Help
16/11/2005 14:16 <REP> Identities
14/02/2006 18:37 <REP> Mes Cr‚ations
15/11/2005 18:59 <REP> Microsoft
04/02/2006 20:44 <REP> Mon Livre Photo by CeWe
09/12/2005 21:53 <REP> Mozilla
24/11/2006 21:47 <REP> Nikon
26/12/2005 11:43 <REP> PACE Anti-Piracy
11/03/2006 14:05 <REP> Thunderbird
16/12/2005 20:29 33ÿ280 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
07/04/2006 20:19 134 fusioncache.dat
21/11/2005 20:56 70ÿ568 GDIPFONTCACHEV1.DAT
15/11/2005 19:05 2ÿ112ÿ766 IconCache.db
4 fichier(s) 2ÿ216ÿ748 octets
17 R‚p(s) 21ÿ840ÿ142ÿ336 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

15/11/2005 18:55 <REP> .
15/11/2005 18:55 <REP> ..
15/11/2005 18:55 <REP> Microsoft
15/11/2005 18:55 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 21ÿ840ÿ142ÿ336 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

15/11/2005 18:55 <REP> .
15/11/2005 18:55 <REP> ..
15/11/2005 18:55 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 21ÿ840ÿ142ÿ336 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\WINDOWS\Tasks

13/03/2007 13:06 330 MP Scheduled Scan.job
05/03/2007 19:42 290 B1F2CC9093C54A14.job
21/12/2006 22:10 434 User_Feed_Synchronization-{FEA6444B-F0E6-4309-8662-D78225FAEBFA}.job
04/11/2006 23:35 284 AppleSoftwareUpdate.job
15/11/2005 18:58 6 SA.DAT
15/11/2005 18:51 65 desktop.ini
15/11/2005 18:51 <REP> ..
15/11/2005 18:51 <REP> .
6 fichier(s) 1ÿ409 octets
2 R‚p(s) 21ÿ840ÿ142ÿ336 octets libres

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 2056-FBB7

R‚pertoire de C:\Program Files

13/03/2007 13:02 <REP> .
13/03/2007 13:02 <REP> ..
14/02/2007 22:01 <REP> Adobe
18/02/2007 22:40 <REP> adslTV
11/01/2006 12:24 <REP> Ahead
15/11/2005 20:55 <REP> Alwil Software
15/11/2005 19:09 <REP> Analog Devices
07/03/2007 13:15 <REP> Apple Software Update
13/03/2007 07:58 <REP> ArcadeRockstar
08/08/2006 17:34 <REP> ArcSoft
15/11/2005 14:10 <REP> ASUSTek
05/03/2007 19:58 <REP> BitDownload
07/02/2007 18:47 <REP> Canon
11/03/2007 11:13 <REP> Capturino 1.4
02/07/2006 13:46 <REP> CCleaner
02/07/2006 16:52 <REP> CDex_150
12/03/2007 14:05 <REP> CFWebAdvancedU
18/02/2007 13:13 <REP> Club-Internet
19/11/2006 10:52 <REP> Common Files
15/11/2005 18:50 <REP> ComPlus Applications
30/06/2006 18:28 <REP> CopyPod
15/11/2005 14:10 <REP> CyberLink
30/08/2006 14:42 <REP> directx
05/03/2007 20:35 <REP> Emoticons-plus.com
14/03/2007 17:55 <REP> eMule
01/02/2007 23:02 <REP> epson
11/03/2007 21:57 <REP> Fichiers communs
07/06/2006 22:38 <REP> FileZilla
10/11/2006 18:05 <REP> Futuremark
05/03/2007 21:04 <REP> Google
20/10/2006 08:46 <REP> ICQLite
01/02/2007 22:58 <REP> ICQToolbar
16/02/2007 09:52 <REP> Internet Explorer
07/03/2007 13:22 <REP> iPod
07/03/2007 13:22 <REP> iTunes
24/11/2006 09:18 <REP> iView MediaPro3
04/03/2007 11:02 <REP> Java
25/11/2005 20:06 <REP> Java(2)
07/02/2007 22:50 <REP> Lionhead Studios Ltd
19/01/2007 16:14 <REP> Logitech
25/08/2006 21:49 <REP> Macromedia
14/02/2006 18:37 <REP> Mes Cr‚ations
15/11/2005 16:44 <REP> Messenger
15/11/2006 22:00 <REP> microsoft frontpage
01/02/2007 23:09 <REP> Microsoft Office
18/02/2007 22:43 <REP> Motive
15/11/2005 18:50 <REP> Movie Maker
12/03/2007 13:05 <REP> Mozilla Firefox
02/03/2007 19:23 <REP> Mozilla Thunderbird
15/11/2005 18:49 <REP> MSN
15/11/2005 18:49 <REP> MSN Gaming Zone
11/02/2007 11:13 <REP> MSN Messenger
01/12/2006 14:01 <REP> MSXML 4.0
05/03/2007 20:42 <REP> Multi_Media_France
08/01/2006 22:47 <REP> NetMeeting
24/11/2006 21:40 <REP> Nikon
14/02/2007 22:21 <REP> Notepad++
10/04/2006 16:55 <REP> OpenOffice.org 2.0
18/02/2007 19:11 <REP> Opera
13/01/2007 10:02 <REP> Orb Networks
14/12/2006 18:55 <REP> Outlook Express
13/03/2007 21:36 <REP> PeerTV
11/03/2007 21:45 <REP> Philips
28/02/2007 21:02 <REP> Picasa2
05/03/2007 19:41 <REP> Program Ace
07/03/2007 13:17 <REP> QuickTime
02/07/2006 13:47 <REP> RegCleaner
26/05/2006 12:14 <REP> RescuePROT
10/03/2007 15:42 <REP> Satsuki Decoder Pack
07/04/2006 18:35 <REP> Screens
16/07/2006 09:43 <REP> SereneScreen
01/11/2006 23:13 <REP> SETI@home
28/11/2006 19:49 <REP> Siber Systems
29/12/2006 21:53 <REP> Skype
16/11/2005 17:04 <REP> Snapshot Viewer
18/02/2006 16:19 <REP> Sonic Foundry Setup
13/03/2007 13:17 <REP> Spybot - Search & Destroy
01/02/2007 22:59 <REP> Symantec
16/11/2006 23:16 <REP> Ubi Soft
15/11/2005 19:08 <REP> VIA
04/08/2006 12:01 <REP> VID_0E8F&PID_106F
29/07/2006 23:01 <REP> Videora
29/07/2006 16:38 <REP> VideoraiPodConverter
29/12/2006 23:30 <REP> Wallpaper
12/03/2007 14:26 <REP> Webroot
13/03/2007 13:02 <REP> Windows Defender
03/01/2007 21:01 <REP> Windows Media Connect 2
03/01/2007 21:17 <REP> Windows Media Player
15/11/2005 18:49 <REP> Windows NT
08/03/2007 14:10 <REP> WinRAR
25/11/2005 20:11 <REP> WinRar v2.80 vf
15/11/2005 18:53 <REP> xerox
16/11/2005 16:55 <REP> X-Press_4.00
22/02/2007 12:10 <REP> Yahoo!
02/06/2006 18:23 <REP> YourWare Solutions
0 fichier(s) 0 octets
95 R‚p(s) 21ÿ840ÿ138ÿ240 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
www.01net.com REG_BINARY
www.gifs-animes.com REG_BINARY
www.driverguide.com REG_BINARY
www.emuleplus.tk REG_BINARY
netbios-wait.com REG_SZ
www.netbios-wait.com REG_SZ
netsearchsoft.com REG_SZ
www.netsearchsoft.com REG_SZ

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\UTILISATEUR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LY7DBK14.DEFAULT\HOSTPERM.1
host popup 1 www.01net.com

******************************************
## Registre

* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/ie

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
download one REG_SZ C:\DOCUME~1\UTILIS~1\APPLIC~1\PROGRA~1\owns copy idol.exe

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
command REG_SZ C:\DOCUME~1\UTILIS~1\APPLIC~1\PROGRA~1\owns copy idol.exe
command REG_SZ C:\Documents and Settings\All Users\Application Data\tons license platform book\Real third.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************
Publicité
Chercheur
 Posté le 14/03/2007 à 21:00 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Bonsoir

Je regarde ces rapports. Réponse dans quelques instants.

Chercheur
 Posté le 14/03/2007 à 21:28 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Re

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

1 Télécharge AVG Anti-Spyware
http://www.ewido.net/en/download/
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.

3 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [download one] C:\DOCUME~1\UTILIS~1\APPLIC~1\PROGRA~1\owns copy idol.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.11/cfweb_activex.camfrogweb.com-advanced-2.0.1.11_instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://studiolec.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {9263288B-02C4-4702-AF36-1478C8EA9B12} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer

5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Documents and Settings\All Users\Application Data\tons license platform book
C:\Documents and Settings\utilisateur\Application Data\BitDownload
C:\Documents and Settings\utilisateur\Application Data\Program Ace
C:\WINDOWS\Tasks\B1F2CC9093C54A14.job
C:\Program Files\BitDownload
C:\Program Files\Program Ace

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

6 Lance le nettoyage avec CCleaner.

7 Lance AVG Anti-Spyware.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

8 Redémarre normalement et poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware

chrislec
 Posté le 16/03/2007 à 18:50 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

Tout d'abord un grand merci pour ton aide je garde ce message, au cas ou ça reviendrai.

mais en faite j'ai réussi a trouver ce qui provoqué ces pub popup, ça pas été facile j'ai désinstallé un par un les applications et pilotes que j'avais intaller depuis ces 15 dernier jours.

et j'ai trouver, enfin j'espère, ce qui provoqué toute ces pub c'était un lecteur MKV (Satsuki.Decoder.Pack.3.1.1.2) qui provoqué cela.

je l'ai désinstaller, fait un essai pas de pub, réinstaller re pub, donc.... enfin depuis je n'ai plus de pub du tout .

j'ai téléchargé un autre lecteur et tout fonctionne bien (pour l'instant)

merci encore très sincèrement, j'espère ne pas t'avoir fait perdre ton temps, si je peu te renvoyer l'acensseur... des questions sur la photographie ou photoshop pas de probléme, c'est mon métier

encore merci a bientot

chris

Page : [1] 
Page 1 sur 1

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
24,90 €Switch TP-Link Gigabit TL-SF1005P 5 ports avec 4 ports PoE à 24,90 €
Valable jusqu'au 26 Janvier

Amazon fait une promotion sur le switch TP-Link Gigabit TL-SF1005P 5 ports 10/100/1000 qui passe à 24,90 €. On le trouve habituellement à plus de 45 €. 4 ports PoE 58W permettent de connecter et d’alimenter directement des périphériques comme des caméras IP, des téléphones IP et des points d’accès Wifi.

> Voir l'offre
99,99 €Disque dur Seagate NAS Iron Wolf 4 To à 99,99 €
Valable jusqu'au 24 Janvier

Cdiscount propose le disque dur Seagate IronWolf 4 To à 99,99 €. Ce disque dur 3.5 pouces SATA III est adapté aux NAS et ordinateurs qui fonctionnent 24h/24. On le trouve ailleurs autour de 130 €. 

> Voir l'offre
23,90 €Switch Gigabit TL-SG108E 8 ports administrables à 23,90 €
Valable jusqu'au 24 Janvier

Amazon fait une promotion sur le switch Gigabit TL-SG108E 8 ports administrables qui passe à 23,90 € alors qu'on le trouve ailleurs à partir de 38 €. Ce switch est administrable : vous pouvez créer des sous réseaux isolés VLAN, limiter la bande passante par port, etc. 

> Voir l'offre

Sujets relatifs
publicité intempestive?
pc qui redemarre de façon intempestive
Pub intempestive à répétition
Pc Infecté - Pub intempestive
Fermeture intempestive
problème fenêtre intempestive
fenêtre intempestive
Ouverture intempestive d'un site cheloo
Re-pub intempestive........
pub intempestive sur internet
fenêtre INTEMPESTIVE click to run
Plus de sujets relatifs à Pop-up CiD et pub intempestive
 > Tous les forums > Forum Sécurité