Pop drivecleaner etc...

Pop drivecleaner etc... - Sécurité - Windows & Software

Marsh Posté le 17-10-2006 à 16:01:50    

Bonjour,  
 
Comme beaucoup précédemment, j'ai le problème de fenêtre popup qui s'ouvrent intempestivement, drivecleaner, etc...  
 
Spybot, adaware et avast paraissent impuissants.  
 
J'ai installé HijackThis mais j'attends avant de le poster.  
 
Merci de votre réponse,

Reply

Marsh Posté le 17-10-2006 à 16:01:50   

Reply

Marsh Posté le 17-10-2006 à 16:22:50    

bonjour
 
fais un clic droit sur le fichier HijackThis.exe > "renommer" et renomme-le en oijfxd.exe. Lance-le, clique sur "do a system scan & save logfile". Copie et poste le contenu du rapport qui s'ouvre

Reply

Marsh Posté le 17-10-2006 à 16:37:25    

Logfile of HijackThis v1.99.1
Scan saved at 16:37:10, on 17/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\oijfxd.exe.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?94106469a032458dbc7b97476d066113
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?94106469a032458dbc7b97476d066113
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-24.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: bw+0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 

Reply

Marsh Posté le 17-10-2006 à 16:45:34    

rien de très excitant dans ce rapport, continuons à chercher
 
Télécharge F-Secure Blacklight (800ko) https://europe.f-secure.com/exclude [...] blbeta.exe
Place-le dans son propre répertoire, dans C:\
Lance-le en double-cliquant sur le fichier blbeta.exe
Accepte la licence, et clique enfin sur "Scan"
Si Blacklight détecte des éléments invisibles, il en affiche la liste et permet de les renommer
Ne renomme rien du tout. Copie le contenu du log qui sera généré dans le même dossier que blbeta, avec un nom qui ressemblera à fsbl-20060316011845.log

Reply

Marsh Posté le 17-10-2006 à 16:51:44    

10/17/06 16:47:28 [Info]: BlackLight Engine 1.0.47 initialized
10/17/06 16:47:28 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/17/06 16:47:29 [Note]: 7019 4
10/17/06 16:47:29 [Note]: 7005 0
10/17/06 16:47:35 [Note]: 7006 0
10/17/06 16:47:35 [Note]: 7011 1320
10/17/06 16:47:35 [Note]: 7026 0
10/17/06 16:47:35 [Note]: 7026 0
10/17/06 16:47:35 [Note]: 7024 3
10/17/06 16:47:35 [Info]: Hidden process: C:\windows\system32\njkwlbymfi.exe
10/17/06 16:47:35 [Note]: FSRAW library version 1.7.1020
10/17/06 16:47:54 [Note]: 4013 34
10/17/06 16:47:54 [Note]: 4020 38189 655360
10/17/06 16:47:54 [Note]: 4018 38189 655360
10/17/06 16:47:54 [Note]: 4013 30
10/17/06 16:47:54 [Note]: 4020 38189 655360
10/17/06 16:47:54 [Note]: 4018 38189 655360
10/17/06 16:47:54 [Note]: 4013 34
10/17/06 16:47:54 [Note]: 4020 38189 655360
10/17/06 16:47:54 [Note]: 4018 38189 655360
10/17/06 16:47:54 [Note]: 4013 30
10/17/06 16:47:54 [Note]: 4020 38189 655360
10/17/06 16:47:54 [Note]: 4018 38189 655360
10/17/06 16:50:18 [Info]: Hidden file: c:\WINDOWS\Prefetch\NJKWLBYMFI.EXE-2080962A.pf
10/17/06 16:50:18 [Note]: 10002 1
10/17/06 16:50:32 [Info]: Hidden file: c:\WINDOWS\system32\njkwlbymfi.dat
10/17/06 16:50:32 [Note]: 10002 1
10/17/06 16:50:33 [Info]: Hidden file: C:\windows\system32\njkwlbymfi.exe
10/17/06 16:50:33 [Note]: 10002 1
10/17/06 16:50:33 [Info]: Hidden file: c:\WINDOWS\system32\njkwlbymfi_nav.dat
10/17/06 16:50:33 [Note]: 10002 1
10/17/06 16:50:33 [Info]: Hidden file: c:\WINDOWS\system32\njkwlbymfi_navps.dat
10/17/06 16:50:33 [Note]: 10002 1

Reply

Marsh Posté le 17-10-2006 à 16:57:27    

1/ Télécharge :
 
- Brute Force Uninstaller http://www.merijn.org/files/bfu.zip et décompresse-le dans un dossier propre à lui (C:\BFU)
Fais un clic droit de souris sur ce lien : http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous.." )
afin de télécharger EGDACCESS.bfu, Type "Tous les fichiers". Sauvegarde dans le dossier créé (C:\BFU)
 
- Navipromo.zip (mis à jour) http://perso.numericable.fr/~altsh [...] ipromo.zip et décompresse-le sur ton bureau
 
2/ Copie la suite des instructions dans un fichier texte, sur ton bureau. et redémarre en mode sans échec comme indiqué ici http://www.microsoft.com/windows20 [...] ilsafe.htm
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou autre.
 
4/ lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau. Patiente.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé (comme tout à l'heure).
 
Lorsqu'il a terminé, ferme le rapport qui s'est ouvert
 
5/ Démarre le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK. Clique exit pour fermer le programme BFU.
Recommence encore une fois.
 
6/ Démarrer -> panneau de configuration -> options internet
Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :
 
electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd"
 
=> Supprime-les tous
 
7/ redémarre normalement et poste le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\
 

Reply

Marsh Posté le 17-10-2006 à 16:58:05    

Merci, je fais ce que tu me dis et je te tiens au courant

Reply

Marsh Posté le 17-10-2006 à 17:11:55    

Rapport Navipromo.bat 0.3 effectué le 17/10/2006 à 17:04:35,51
 
** Recherche...
 
1/ njkwlbymfi trouvé, recherche de njkwlbymfi*  
C:\WINDOWS\system32\njkwlbymfi.dat
C:\WINDOWS\system32\njkwlbymfi.exe
C:\WINDOWS\system32\njkwlbymfi_nav.dat
C:\WINDOWS\system32\njkwlbymfi_navps.dat
C:\WINDOWS\prefetch\NJKWLBYMFI.EXE-2080962A.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    njkwlbymfi REG_SZ c:\windows\system32\njkwlbymfi.exe njkwlbymfi
 
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode  
 
####################################################################################
 
** Nettoyage...
 
1/ Déplacement de njkwlbymfi* vers C:\Navipromo\Backups...
C:\Windows\System32\njkwlbymfi* déplacé avec succès !
C:\WINDOWS\prefetch\njkwlbymfi* déplacé avec succès
 
 ------------------
* Suppression clés et valeurs de registre  
 
* Backups :
 
C:\Navipromo\Backups\njkwlbymfi.dat
C:\Navipromo\Backups\njkwlbymfi.exe
C:\Navipromo\Backups\NJKWLBYMFI.EXE-2080962A.pf
C:\Navipromo\Backups\njkwlbymfi_nav.dat
C:\Navipromo\Backups\njkwlbymfi_navps.dat
 
Ajout d'extension .off aux backups
Backups renommés avec succès
 
## Fin du rapport de Suppression

Reply

Marsh Posté le 17-10-2006 à 17:13:39    

Sinon, il me semble qu'il me reste encore un problème, car j'ai un flux internet constant sans utiliser aucun programme supposé travailler en ligne

Reply

Marsh Posté le 17-10-2006 à 17:13:47    

ok, poste un nouveau HjiackThis et un nouveau Blacklight pour vérif ;)

Reply

Marsh Posté le 17-10-2006 à 17:13:47   

Reply

Marsh Posté le 17-10-2006 à 17:15:26    

Logfile of HijackThis v1.99.1
Scan saved at 17:15:13, on 17/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\LVComS.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\oijfxd.exe.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?94106469a032458dbc7b97476d066113
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?94106469a032458dbc7b97476d066113
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} -  
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-24.cab
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} -  
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} -  
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} -  
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O18 - Protocol: bw+0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B1D68BAA-EA40-471B-A489-50AFF9DE87FD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 

Reply

Marsh Posté le 17-10-2006 à 17:20:37    

10/17/06 17:15:47 [Info]: BlackLight Engine 1.0.47 initialized
10/17/06 17:15:47 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/17/06 17:15:47 [Note]: 7019 4
10/17/06 17:15:47 [Note]: 7005 0
10/17/06 17:15:49 [Note]: 7006 0
10/17/06 17:15:49 [Note]: 7011 1304
10/17/06 17:15:49 [Note]: 7026 0
10/17/06 17:15:49 [Note]: 7026 0
10/17/06 17:15:55 [Note]: FSRAW library version 1.7.1020
10/17/06 17:19:59 [Note]: 7007 0

Reply

Marsh Posté le 17-10-2006 à 17:26:21    

Bien :)
 
1/ Supprime le dossier jaune C:\Navipromo et vide la corbeille.
 
2/ Relance HijackThis en cliquant sur "do a system scan only" et coche ces lignes (uniquement ces lignes) si tu les trouves encore :
 
O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file)  
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)  
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} -  
O16 - DPF: {6AA85413-165C-4200-8154-71166077B22E} -  
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} -  
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} -  
 
- Ferme toutes les fenêtres, applications, messagerie... et clique sur "fix checked". Valide, puis quitte HijackThis.
 
3/ Désinstalle par Ajout/Suppression de programmes "Java 2 Runtime Environment 1.4.2_03"
supprime les traces éventuelles, après désinstallation :
 

Citation :

Ouvrir un dossier, n'importe lequel. Aller dans Outils/Options des dossiers/Affichage et cocher "Afficher les dossiers et fichiers cachés",
"Appliquer" et "Ok"


 
C:\Program Files\Java
C:\Documents and Settings\ton identité\Application Data\Sun
 
ensuite tu vas ici http://java.sun.com/javase/downloads/index.jsp
Clique sur le "Download" en face de "Java Runtime Environment (JRE) 5.0 Update 8". Sur la page suivante, coche la case "Accept License Agreement" puis télécharge "Windows Offline Installation, Multi-language" (jre-1_5_0_08-windows-i586-p.exe, 15.74 MB)
 
4/ Démarrer > Panneau de configuration > Options Internet -> "supprimer les fichiers", "supprimer les cookies", puis fais ce scan en ligne : http://www.bitdefender.fr/bd/site/page.php?tab=0#
Clique, en bas à gauche, sur "scan on line (nouveau)"
Accepte ensuite la licence puis laisse-lui installer l'ActiveX
Laisse-toi guider. Poste le rapport lorsqu'il a terminé.
 
------------
 
PS : utilises-tu encore ceci :
 
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe ?

Message cité 1 fois
Reply

Marsh Posté le 17-10-2006 à 17:27:47    

eZula a écrit :

Bien :)
 
------------
 
PS : utilises-tu encore ceci :
 
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe ?


 
NON, mais je n'arrive pas à l'enlever !
 
Je fais ce que tu me dis et je te tiens au courant

Reply

Marsh Posté le 17-10-2006 à 17:37:51    

vas dans démarrer, clique sur "exécuter", tapes :  
services.msc
"ok"
Dans la liste des services, cherche et double-clique sur la ligne :
SymWMI Service
vérifie dans "Chemin d'accès des fichiers exécutables" qu'il s'agit bien de
 "c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe"  
dans "Type de démarrage",
clique sur "désactiver" et règle-le sur "arrêté"
"Appliquer"/"ok"
 
et si tu n'utilises plus aucun produit Symantec, supprime direct le dossier c:\Program Files\Fichiers communs\Symantec Shared
 
j'attends le résultat du scan Bitdefender

Reply

Marsh Posté le 17-10-2006 à 17:46:40    

O, j'ai bien réussi à supprimer les résidus de Norton
 
Tu auras le rapport de bitdefender d'ici 30-40 mn.
 
Merci, je te tiens au courant.

Reply

Marsh Posté le 17-10-2006 à 18:50:26    

BitDefender Online Scanner
   
   
 
Rapport d'analyse généré à: Tue, Oct 17, 2006 - 18:27:11
 
 
   
   
 
Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;
   
   
 
 
   
   
 
Statistiques
 
Temps
 00:45:15
 
Fichiers
 368134
 
Directoires
 4917
 
Secteurs de boot
 3
 
Archives
 15930
 
Paquets programmes
 31798
 
   
   
 
Résultats
 
Virus identifiés
 6
 
Fichiers infectés
 8
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 13
 
   
   
 
Info sur les moteurs
 
Définition virus
 476776
 
Version des moteurs
 AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
 
Analyse des plugins
 13
 
Archive des plugins
 38
 
Unpack des plugins
 6
 
E-mail plugins
 6
 
Système plugins
 1
 
   
   
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
   
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
   
   
 
  Fichier analysé
  Statut
 
C:\Documents and Settings\HP_Propriétaire\Application Data\winantispyware2006freeinstall_fr[1].exe
 Infecté par: Trojan.Downloader.Winfixer.O
 
C:\Documents and Settings\HP_Propriétaire\Application Data\winantispyware2006freeinstall_fr[1].exe
 Echec de la désinfection
 
C:\Documents and Settings\HP_Propriétaire\Application Data\winantispyware2006freeinstall_fr[1].exe
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097936.exe=>(Quarantine-2)
 Infecté par: Trojan.Mskinner.A
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097936.exe=>(Quarantine-2)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097936.exe=>(Quarantine-2)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097938.dll=>(Quarantine-2)
 Infecté par: DeepScan:Generic.Dialer.949C67F6
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097938.dll=>(Quarantine-2)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097938.dll=>(Quarantine-2)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097948.dll=>(Quarantine-2)
 Infecté par: Trojan.P2e.CL
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097948.dll=>(Quarantine-2)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097948.dll=>(Quarantine-2)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097955.exe=>(Quarantine-2)
 Détecté avec: Dialer.Porn.AC
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097955.exe=>(Quarantine-2)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097955.exe=>(Quarantine-2)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097960.dll=>(Quarantine-2)
 Infecté par: Trojan.P2e.CL
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097960.dll=>(Quarantine-2)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP557\A0097960.dll=>(Quarantine-2)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP558\A0099482.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)
 Infecté par: Trojan.Agent.20
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP558\A0099482.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP558\A0099482.exe=>(CAB Sfx r)=>setup.msi=>(Embedded CAB)
 Supprimé
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP558\A0099482.exe=>(CAB Sfx r)=>setup.msi
 Echec de la mise à jour
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP560\A0099703.exe
 Infecté par: Trojan.Downloader.Winfixer.O
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP560\A0099703.exe
 Echec de la désinfection
 
C:\System Volume Information\_restore{5864E199-E068-480D-BF55-3BCEB0D80CFD}\RP560\A0099703.exe
 Supprimé
 
   
 
 
   
   
 
 
   
   
 
 
 

Reply

Marsh Posté le 17-10-2006 à 18:53:36    

est-ce que ça va mieux à présent, stevetur ?

Reply

Marsh Posté le 17-10-2006 à 18:56:09    

Oui, beaucoup mieux, plus de popups ni de pubs intempestives.
 
Mais toujours ce flux internet non justifié.
 
Bon je te laisse tranquille car tout ce que tu m'a dit a été bien efficace.
 
Merci  :jap:

Reply

Marsh Posté le 17-10-2006 à 19:01:32    

et tu n'arrives pas à voir les processus responsables de ce flux internet ?

Reply

Marsh Posté le 17-10-2006 à 19:53:56    

Ca y est, après un redémarrage, ce flux étrange a disparu.
Tout est rentré dans l'ordre !
 
Je te remercie énormément, surtout pour la rapidité !
 
Bonne soirée.
 
Stevetur

Reply

Marsh Posté le    

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed