Sujet Précédent Sujet Suivant

Marre des pubs new offer

Résolu/Fermé
topheg Messages postés 5 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 10 février 2007 - 10 févr. 2007 à 11:29
 Utilisateur anonyme - 10 févr. 2007 à 21:29
bonjour a tous besoin d'aide pour enlever des pubs intempestives.J'ai essayé pas mal de spywares: AVG ,SPYBOT,AD AWARE, je viens d'installer SPYARE DOCTOR mais sans plus de résultats.Voilà ci joint mon HIJACKTHIS merci de votre aide .Logfile of HijackThis v1.99.1
Scan saved at 11:10:19, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\DOCUME~1\tophe\LOCALS~1\Temp\Répertoire temporaire 4 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Frag license poll lite] C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense\regs wave.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [idol barb] C:\DOCUME~1\tophe\APPLIC~1\ENCMATH\send axis.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95ADDF6A-D280-48E5-BF65-2E8CA47C0475}: NameServer = 213.36.80.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A760D0A8-D590-443D-A9DC-C996CA8086B2}: NameServer = 213.36.80.1
O18 - Protocol: bw+0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

9 réponses

Réponse 1 / 9
Utilisateur anonyme
10 févr. 2007 à 12:16
Bonjour


Télécharge LopxpMH sur ton Bureau.

http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip

Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.

Poste le contenu du rapport qui va s'ouvrir.
0
Réponse 2 / 9
topheg Messages postés 5 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 10 février 2007
10 févr. 2007 à 12:23
salut merci pour ton aide!voilà le rapport demandé:Rapport fait à 12:17:28,50 le 10/02/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\All Users\Application Data

16/09/2005 09:29 <REP> .
16/09/2005 09:29 <REP> ..
19/01/2007 16:50 <REP> Adobe
06/02/2006 22:12 <REP> Ahead
05/05/2006 21:38 <REP> Apple Computer
02/02/2007 17:54 <REP> DVD Shrink
21/11/2006 18:12 <REP> GeoVid
08/02/2007 14:10 <REP> Google
12/02/2006 19:09 <REP> HP
16/09/2005 09:29 <REP> Microsoft
10/11/2006 22:50 <REP> NETg
07/02/2007 13:53 <REP> PhoneBindFragLicense
16/09/2005 07:43 <REP> SBSI
18/03/2006 14:32 <REP> SBT
08/02/2007 13:32 <REP> Spybot - Search & Destroy
16/09/2005 10:09 <REP> Symantec
09/02/2007 16:29 <REP> TEMP
06/02/2007 14:59 <REP> TuneUp Software
07/08/2006 20:07 <REP> Windows Genuine Advantage
10/02/2007 11:56 <REP> Yahoo! Companion
09/02/2007 16:10 3ÿ120 118300.34
16/09/2005 09:29 62 desktop.ini
12/02/2006 18:53 1ÿ096 hpzinstall.log
05/05/2006 21:41 1ÿ755 QTSBandwidthCache
4 fichier(s) 6ÿ033 octets
20 R‚p(s) 55ÿ196ÿ626ÿ944 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\anne\Application Data

12/01/2006 18:47 <REP> .
12/01/2006 18:47 <REP> ..
12/01/2006 18:47 <REP> Adobe
23/01/2006 22:12 <REP> AdobeUM
04/03/2006 14:56 <REP> Ahead
07/02/2006 18:30 <REP> Help
12/01/2006 18:47 <REP> Identities
22/03/2006 17:51 <REP> InterVideo
30/06/2006 17:46 <REP> LG Electronics
25/01/2006 18:31 <REP> Macromedia
12/01/2006 18:47 <REP> Microsoft
18/03/2006 14:32 <REP> Microsoft Web Folders
28/01/2006 14:40 <REP> Mozilla
12/01/2006 18:47 <REP> Sonic
13/06/2006 17:34 <REP> Sun
12/01/2006 18:47 <REP> Symantec
28/01/2006 14:40 <REP> Talkback
12/01/2006 21:10 <REP> Template
12/01/2006 18:47 <REP> toshiba
11/11/2006 18:56 <REP> VMNTOOLBAR
12/01/2006 18:47 62 desktop.ini
12/01/2006 21:10 270 wklnhst.dat
2 fichier(s) 332 octets
20 R‚p(s) 55ÿ196ÿ626ÿ944 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\anne\Local Settings\Application Data

12/01/2006 18:47 <REP> .
12/01/2006 18:47 <REP> ..
12/01/2006 18:47 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150030}
12/01/2006 18:47 <REP> Adobe
12/01/2006 18:47 <REP> ApplicationHistory
07/02/2006 18:30 <REP> Help
12/02/2006 19:24 <REP> HP
28/01/2006 13:28 <REP> Identities
07/11/2006 22:38 <REP> IM
18/02/2006 18:02 <REP> IsolatedStorage
12/01/2006 18:47 <REP> Microsoft
28/01/2006 14:40 <REP> Mozilla
12/01/2006 18:47 127 fusioncache.dat
17/01/2006 19:15 67ÿ224 GDIPFONTCACHEV1.DAT
12/01/2006 18:47 5ÿ365ÿ834 IconCache.db
3 fichier(s) 5ÿ433ÿ185 octets
12 R‚p(s) 55ÿ196ÿ626ÿ944 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\Default User\Application Data

16/09/2005 09:29 <REP> .
16/09/2005 09:29 <REP> ..
11/01/2006 18:22 <REP> Adobe
11/01/2006 18:22 <REP> Identities
16/09/2005 09:29 <REP> Microsoft
11/01/2006 18:22 <REP> Sonic
11/01/2006 18:22 <REP> Symantec
11/01/2006 18:22 <REP> toshiba
16/09/2005 09:29 62 desktop.ini
1 fichier(s) 62 octets
8 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

16/09/2005 09:29 <REP> .
16/09/2005 09:29 <REP> ..
11/01/2006 18:22 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150030}
11/01/2006 18:22 <REP> Adobe
11/01/2006 18:22 <REP> ApplicationHistory
16/09/2005 07:37 <REP> Microsoft
11/01/2006 18:22 135 fusioncache.dat
11/01/2006 18:22 4ÿ823ÿ994 IconCache.db
2 fichier(s) 4ÿ824ÿ129 octets
6 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\LocalService\Application Data

16/09/2005 07:41 <REP> .
16/09/2005 07:41 <REP> ..
16/09/2005 07:41 <REP> Microsoft
14/01/2006 09:12 <REP> Symantec
0 fichier(s) 0 octets
4 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

16/09/2005 07:41 <REP> .
16/09/2005 07:41 <REP> ..
16/09/2005 07:41 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

16/09/2005 07:41 <REP> .
16/09/2005 07:41 <REP> ..
16/09/2005 07:41 <REP> Microsoft
24/01/2006 16:25 <REP> Symantec
0 fichier(s) 0 octets
4 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

16/09/2005 07:41 <REP> .
16/09/2005 07:41 <REP> ..
16/09/2005 07:41 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 55ÿ196ÿ622ÿ848 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\tophe\Application Data

12/01/2006 13:18 <REP> .
12/01/2006 13:18 <REP> ..
12/01/2006 13:18 <REP> Adobe
12/01/2006 13:23 <REP> AdobeUM
06/02/2006 22:19 <REP> Ahead
05/05/2006 21:41 <REP> Apple Computer
22/12/2006 00:07 <REP> Azureus
07/02/2007 13:54 <REP> BitDownload
21/12/2006 23:38 <REP> BitTorrent
06/01/2007 14:42 <REP> DivX
07/02/2007 13:52 <REP> ENCMATH
04/03/2006 18:36 <REP> FotoWire
21/11/2006 18:12 <REP> GeoVid
01/02/2006 16:40 <REP> Google
28/01/2006 12:47 <REP> Help
12/01/2006 13:18 <REP> Identities
12/01/2006 14:28 <REP> InterVideo
08/02/2007 13:52 <REP> Lavasoft
29/06/2006 18:11 <REP> LG Electronics
24/01/2006 16:45 <REP> Macromedia
12/01/2006 13:18 <REP> Microsoft
26/01/2006 17:38 <REP> Mozilla
06/02/2006 22:05 <REP> NeroVision
09/02/2007 16:29 <REP> PC Tools
12/05/2006 12:56 <REP> Real
12/01/2006 13:18 <REP> Sonic
17/01/2006 22:32 <REP> Sun
12/01/2006 13:18 <REP> Symantec
27/01/2006 13:06 <REP> Talkback
16/01/2006 21:32 <REP> Template
27/01/2006 13:05 <REP> Thunderbird
12/01/2006 13:18 <REP> toshiba
06/02/2007 15:00 <REP> TuneUp Software
06/10/2006 15:51 <REP> vlc
10/11/2006 09:32 <REP> vmntoolbar
12/01/2006 13:18 62 desktop.ini
15/05/2006 06:52 6ÿ805 GdiplusUpgrade_MSIApproach_Wrapper.log
16/01/2006 21:32 140 wklnhst.dat
3 fichier(s) 7ÿ007 octets
35 R‚p(s) 55ÿ196ÿ618ÿ752 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Documents and Settings\tophe\Local Settings\Application Data

12/01/2006 13:18 <REP> .
12/01/2006 13:18 <REP> ..
12/01/2006 13:18 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150030}
12/01/2006 13:18 <REP> Adobe
06/04/2006 17:15 <REP> Ahead
05/05/2006 21:41 <REP> Apple Computer
12/01/2006 13:18 <REP> ApplicationHistory
01/02/2006 16:40 <REP> Google
28/01/2006 12:47 <REP> Help
12/02/2006 19:11 <REP> HP
12/01/2006 17:42 <REP> Identities
08/10/2006 09:15 <REP> IM
12/02/2006 19:12 <REP> IsolatedStorage
04/03/2006 18:40 <REP> Logitech-LS
20/11/2006 13:05 <REP> Magentic
12/01/2006 13:18 <REP> Microsoft
26/01/2006 17:38 <REP> Mozilla
27/01/2006 13:05 <REP> Thunderbird
30/01/2006 17:02 <REP> WMTools Downloaded Files
03/02/2006 18:05 34ÿ816 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
12/01/2006 13:18 128 fusioncache.dat
12/01/2006 14:30 67ÿ224 GDIPFONTCACHEV1.DAT
12/05/2006 13:06 6ÿ926ÿ482 IconCache.db
4 fichier(s) 7ÿ028ÿ650 octets
19 R‚p(s) 55ÿ196ÿ618ÿ752 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

16/09/2005 07:40 <REP> .
16/09/2005 07:40 <REP> ..
11/01/2006 18:23 <REP> Adobe
11/01/2006 18:23 <REP> Identities
16/09/2005 07:40 <REP> Microsoft
11/01/2006 18:23 <REP> Sonic
11/01/2006 18:23 <REP> Symantec
11/01/2006 18:23 <REP> toshiba
16/09/2005 07:40 62 desktop.ini
1 fichier(s) 62 octets
8 R‚p(s) 55ÿ196ÿ618ÿ752 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

16/09/2005 07:40 <REP> .
16/09/2005 07:40 <REP> ..
11/01/2006 18:23 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150030}
11/01/2006 18:23 <REP> Adobe
11/01/2006 18:23 <REP> ApplicationHistory
16/09/2005 07:40 <REP> Microsoft
11/01/2006 18:23 135 fusioncache.dat
11/01/2006 18:23 4ÿ823ÿ994 IconCache.db
2 fichier(s) 4ÿ824ÿ129 octets
6 R‚p(s) 55ÿ196ÿ618ÿ752 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\WINDOWS\Tasks

07/02/2007 13:53 260 AC993BF59196B329.job
06/02/2007 15:01 408 Maintenance en 1 clic.job
17/01/2007 18:45 284 AppleSoftwareUpdate.job
12/02/2006 19:11 366 HPpromotions journeysoftware.job
16/09/2005 07:41 6 SA.DAT
16/09/2005 07:35 <REP> ..
16/09/2005 07:35 <REP> .
16/09/2005 07:23 65 desktop.ini
6 fichier(s) 1ÿ389 octets
2 R‚p(s) 55ÿ196ÿ614ÿ656 octets libres

******************************************
## Répertoires de Program files

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\Program Files

10/02/2007 11:50 <REP> .
10/02/2007 11:50 <REP> ..
17/01/2007 19:36 <REP> 7-Zip
25/05/2006 10:19 <REP> ACE Mega CoDecS Pack
05/05/2006 21:38 <REP> Adobe
10/11/2006 10:19 <REP> Advanced JPEG Compressor
06/02/2006 22:16 <REP> Ahead
16/03/2006 11:43 <REP> Alice
26/01/2006 14:42 <REP> Alwil Software
16/09/2005 09:22 <REP> Apoint2K
17/01/2007 18:45 <REP> Apple Software Update
06/07/2006 10:41 <REP> Audacity
07/07/2006 10:37 <REP> AudioCDMagic
03/02/2007 11:57 <REP> AviSynth 2.5
07/02/2007 14:06 <REP> BitDownload
10/02/2007 11:50 <REP> CCleaner
16/09/2005 07:35 <REP> ComPlus Applications
17/01/2006 10:14 <REP> Core Design
12/03/2006 17:51 <REP> DAP
03/02/2007 11:57 <REP> DivX
08/02/2007 14:29 <REP> eMule
07/02/2007 13:52 <REP> ENCMATH
16/11/2006 17:45 <REP> fCoder
07/02/2007 16:26 <REP> Fichiers communs
19/12/2006 10:05 <REP> FLVPlayer
21/11/2006 18:12 <REP> GeoVid
08/02/2007 14:45 <REP> Google
13/02/2006 16:23 <REP> Hewlett-Packard
12/02/2006 19:06 <REP> HP
16/01/2007 18:43 <REP> IncrediMail
11/01/2006 18:22 <REP> Intel
08/02/2007 14:12 <REP> Internet Explorer
12/01/2006 13:19 <REP> InterVideo
30/01/2007 09:26 <REP> IZArc
16/09/2005 07:49 <REP> Java
29/06/2006 18:46 <REP> LG Electronics
29/06/2006 18:33 <REP> LG PC Suite
10/02/2007 12:14 <REP> Logitech
16/09/2005 09:12 <REP> ltmoh
19/07/2006 14:52 <REP> Macrogaming
16/09/2005 07:52 <REP> Messenger
04/03/2006 15:26 <REP> MessengerPlus! 3
18/03/2006 14:31 <REP> microsoft frontpage
18/03/2006 14:33 <REP> Microsoft Office
19/09/2005 09:47 <REP> Microsoft Works
16/09/2005 10:09 <REP> Microsoft.NET
16/09/2005 07:35 <REP> Movie Maker
10/02/2007 11:56 <REP> Mozilla Firefox
27/01/2006 14:39 <REP> Mozilla Thunderbird
30/01/2006 13:55 <REP> MSN
16/09/2005 07:34 <REP> MSN Gaming Zone
15/12/2006 08:13 <REP> MSN Messenger
20/11/2006 10:53 <REP> MSXML 4.0
07/02/2007 17:02 <REP> Multi_Media_France
02/02/2007 23:03 <REP> Neodivx
16/09/2005 07:35 <REP> NetMeeting
12/01/2006 21:08 <REP> Offre Wanadoo
16/09/2005 07:34 <REP> Online Services
14/12/2006 13:42 <REP> Outlook Express
12/05/2006 12:57 <REP> Real
16/09/2005 09:17 <REP> Realtek AC97
03/02/2007 11:55 <REP> Ripp-it_AM
30/06/2006 09:26 <REP> Samsung
16/09/2005 07:36 <REP> Services en ligne
18/03/2006 14:32 <REP> Snapshot Viewer
16/09/2005 10:01 <REP> Sonic
09/02/2007 17:18 <REP> Spybot - Search & Destroy
09/02/2007 17:01 <REP> Spyware Doctor
19/09/2005 08:51 <REP> Toshiba
07/02/2007 16:30 <REP> TuneUp Utilities 2007
19/01/2006 22:51 <REP> Ubisoft
02/02/2007 17:25 <REP> VideoLAN
10/11/2006 09:36 <REP> Visicom Media
19/12/2006 12:06 <REP> Windows Media Connect 2
19/12/2006 12:06 <REP> Windows Media Player
16/09/2005 07:34 <REP> Windows NT
06/12/2006 17:29 <REP> WinPcap
22/11/2006 15:05 <REP> WinRAR
16/09/2005 07:38 <REP> xerox
10/02/2007 11:50 <REP> Yahoo!
0 fichier(s) 0 octets
80 R‚p(s) 55ÿ196ÿ610ÿ560 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
netsearchsoft.com REG_SZ
www.netsearchsoft.com REG_SZ

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\TOPHE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZL65NHDA.DEFAULT\HOSTPERM.1
host popup 1 images.google.fr
host popup 1 www.wideo.fr
host popup 1 www.paroles.net

******************************************
## Registre

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Frag license poll lite REG_SZ C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense\regs wave.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
idol barb REG_SZ C:\DOCUME~1\tophe\APPLIC~1\ENCMATH\send axis.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\WINDOWS

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D055-1A84

R‚pertoire de C:\WINDOWS


*************** Fin du rapport ****************
0
Réponse 3 / 9
Utilisateur anonyme
10 févr. 2007 à 12:34
Re


Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer


1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente


2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.


3 Relance un scan HijackThis et coche les lignes ci-dessous :

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Frag license poll lite] C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense\regs wave.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [idol barb] C:\DOCUME~1\tophe\APPLIC~1\ENCMATH\send axis.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B2EF5AEC-949A-4E1E-9CFE-938F818AB86B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer


5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Program Files\BitDownload
C:\Program Files \ENCMATH
C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense
C:\Documents and Settings\tophe\Application Data\BitDownload
C:\Documents and Settings\tophe\Application Data\ENCMATH
C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense
C:\WINDOWS\Tasks\AC993BF59196B329.job

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.


6 Lance le nettoyage avec CCleaner


7 Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.


8 Redémarre normalement

Poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware.
0
Réponse 4 / 9
topheg Messages postés 5 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 10 février 2007
10 févr. 2007 à 13:06
excuses moi j'ai fait des modifs entretemps voilà un autre hijack dis moi si je dois faire les memes manip ps:j'ai supprimé logitech desktop messenger Logfile of HijackThis v1.99.1
Scan saved at 13:05:24, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\DOCUME~1\tophe\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Frag license poll lite] C:\Documents and Settings\All Users\Application Data\PhoneBindFragLicense\regs wave.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [idol barb] C:\DOCUME~1\tophe\APPLIC~1\ENCMATH\send axis.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95ADDF6A-D280-48E5-BF65-2E8CA47C0475}: NameServer = 213.36.80.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A760D0A8-D590-443D-A9DC-C996CA8086B2}: NameServer = 213.36.80.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
Utilisateur anonyme
10 févr. 2007 à 13:16
Certaines lignes ne sont plus présentes dans HijackThis, mais oui, tu fais la même manip.
0
Réponse 6 / 9
topheg Messages postés 5 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 10 février 2007
10 févr. 2007 à 15:39
voilà,je suis de retour ce fut un peu long avg a duré un peu plus d'une heure:Logfile of HijackThis v1.99.1
Scan saved at 15:34:23, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\tophe\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{95ADDF6A-D280-48E5-BF65-2E8CA47C0475}: NameServer = 213.36.80.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A760D0A8-D590-443D-A9DC-C996CA8086B2}: NameServer = 213.36.80.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

voilà le rapport d'AVG:---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:23:58 10/02/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP113\A0052839.exe -> Downloader.Agent.auv : Nettoyé.
:mozilla.180:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.183:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.186:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.294:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.418:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.544:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.56:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.177:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.129:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.36:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.657:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.551:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.553:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.122:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.53:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.45:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.140:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.230:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.325:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.382:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.454:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.521:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.637:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Hotlog : Nettoyé.
:mozilla.389:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.408:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
:mozilla.43:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.674:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.503:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.504:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.505:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.507:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.508:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.509:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.284:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.17:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.348:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.566:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.168:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.450:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.163:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.222:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.244:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.334:C:\Documents and Settings\anne\Application Data\Mozilla\Firefox\Profiles\ilbyir8u.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

merci de ton aide
0
Réponse 7 / 9
Utilisateur anonyme
10 févr. 2007 à 20:49
Re


Plus de signe d'infection.


As tu encore des dysfonctionnements ?
0
Réponse 8 / 9
topheg Messages postés 5 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 10 février 2007
10 févr. 2007 à 21:00
non aucun soucis,je te remercie pour ton aide juste une petite question j'ai installé SPYWARE DOCTOR est il fiable et correcte?
0
Réponse 9 / 9
Utilisateur anonyme
10 févr. 2007 à 21:29
Ce n'est pas un utilitaire que je conseille
Il a parfois tendance à trouver des faux positifx
0

Discussions similaires

Problème suite changement de CPU
gimi3354 -
Tanguy -

5 réponses
Gmail Message d'erreur sur envoi multiple
Utilisateur anonyme -
jeannets -

13 réponses
New CPU installed, FTPM/PSP NV corrupted
Tanguy -
jeannets -

12 réponses
où regarder new york 911 saison 1
lolotte5923 -
ITOKYOPEYA -

3 réponses
supprimer la pub sur Facebook
louspatte -
vie73 -

70 réponses