queruak

Bonsoir à tous, Salut Stonangel et bienvenue sur Zebulon. @+

Bonjour, Hello Chercheur C'est la premiere chose que je lui ai demandé de supprimer.,mais phil évite les affrontements,il aime tellement son fils qu'il ne tient pas à le contrarier.LOL

Bonjour, Non je n'ai rien parlé de cela,c'est Chercheur qui t'a répondu sur l'autre discussion. De rien phil,content de t'voir aidé. Tu vois avec Chercheur.

Rebonjour, Occupons d'abord de ce fameux méssage. -Tu démarres sur la session de ton fils. -Assure toi d'avoir accés à tous les fichiers(comme indiqué précedemment) -Désintalle via Ajout/suppression des programmes du panneau de configuration le programme suivant(s'il est présent) Instant Access -Lance Hijackthis,scan et coche les lignes suivantes: O4 - HKCU\..\Run: [instant Access] rundll32.exe p2esocks_1021.dll,InstantAccess O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm -Puis tu fais Démarrer-->Exécuter-->Regedit-->OK Tu navigues jusqu'à HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run Sur le panneau de droit, supprime la valeur 'Dialer', si elle est présente. Quitte Regedit. -Redémarre en mode sans echec. -Supprime les fichiers suivants(il faut faire une recherche sur ton disque,et certains peuvent ne pas etre présents) Il est fort posssible qu'ils soient dans C:\WINDOWS\System32\.. -p2esocks_1021.dll -011145.exe -egcomlib_1031.dll -egcomlib_pack.inf -egcomlib2.dll -C:\Program Files\Instant Access.<-le dossier -Vide la corbeille. -Redémarre normalement. -Tiens nous au courant.

Et comment !!! des dossier dans les repertoires Temp ! Que viennent faire ces dossiers ici !?

Bonjour phil, Chercheur, bonjour à tous, Salut Chercheur , Le rapport Hijackthis est posté ici. http://forum.zebulon.fr/index.php?showtopic=63990&st=0

Bonjour Phil,ipl, bonjour à tous, Oui phil,je la vois,et je ne vois qu'elle.LOL Je regarde le rapport,réponse dans quelques instants. phil,s'il te plait,pour dissiper tout malentendu et mettre fin à ce quiproquo,et tu sur d'avoir des dossiers ou repértoires dans les repertoires Temp? Les dossiers en question: C:\Documents and Settings\ton identité\Local Settings\Temp <--regarde ici C:\Documents and Settings\autres identités\Local Settings\Temp <--regarde ici et celui de C:\Windows\Temp <--regarde ici En fait tu n'as qu'à suivre le chemin,à partir de C

Bonjour à tous, Salut Chercheur !!!

Rebonjour, -1-Télécharge LSPFix http://www.cexx.org/lspfix.htm -2-Désinstalle via Ajout/suppression des programmes du panneau de configuration ,le(s) programme(s) suivant(s). -GogoTools -Web_Rebates -AutoUpdate -TV Media -NewDotNet ou NewNet -3-Assure toi d'avoir accés à tous les fichiers. -3-Termine le(s) processus suivant(s). certains peuvent ne pas etre présents. -LaunchAdware.exe -GOGOTO~1.EXE -WebRebates0.exe -WebRebates1.exe -P2P Networking.exe -pxckdla.exe -AutoUpdate.exe -locif70n.exe -lmumxfrm.exe -4-Lance Hijackthis,scan,et coche les lignes en gras ci-dessous. R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cg...4240&id=5.20013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cg...4240&id=5.20013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://adbuyer3.lycos.com/tm/results.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cg...look=stmpl1&fw= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cg...4240&id=5.20013 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cg...4240&id=5.20013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.shopnav.com/q.cgi?q= R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cg...look=stmpl1&fw= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINNT\EliteToolBar\EliteToolBar version 60.dll O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINNT\EliteSideBar\EliteSideBar 08.dll O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINNT\EliteToolBar\EliteToolBar version 60.dll O4 - HKLM\..\Run: [RUNGogoTools] C:\Program Files\GogoTools\Gogoware\LaunchAdware.exe O4 - HKLM\..\Run: [RUNFilePC] C:\Program Files\GogoTools\Gogoware\gogoFileShare.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s O4 - HKLM\..\Run: [etbrun] C:\winnt\system32\elitetcz32.exe O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe" O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [Win Server Updt] C:\WINNT\pxckdla.exe O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [ASDPLUGIN] C:\WINNT\system32\france.exe -N O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe" O4 - HKLM\..\Run: [ts4V34i] locif70n.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [cBv9RQG8i] lmumxfrm.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe O4 - Startup: Moniteur & Configuration.lnk = C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &Define - C:\WINNT\Web\ERS_DEF.HTM O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Search the Web - C:\WINNT\Web\ERS_SRC.HTM O8 - Extra context menu item: Ebates - file://C:\Program Files\EbatesMoeMoneyMaker\System\Temp\ebates_script0.htm O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINNT\Web\ERS_ENC.HTM O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O9 - Extra button: Ebates - {7F241C00-DAB6-11d5-AAA8-0001028DF1BC} - file://C:\Program Files\EbatesMoeMoneyMaker\System\Temp\ebates_script0.htm (file missing) (HKCU) O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net <- ces lignes seront corrigées par la désinstallation de NewNet et par LSPFix O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} (F1 Organizer Class) - http://www.addictivetechnologies.net/DM0/cab/17kd11fg.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://acces-direct.net/10642/videos-sexanoo.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.encyclo.wanadoo.fr/JS/tdserver.cab O16 - DPF: {1D2DCA0D-B30F-40AD-9690-087105F214EC} (IEDial Class) - http://fr4-download.nocreditcard.com/downl...t/ieaccess2.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/WebInstall.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{333C7C12-40B2-4A76-A2B0-C78CD912A5A2}: NameServer = 80.10.246.1 80.10.246.132 O17 - HKLM\System\CS1\Services\Tcpip\..\{333C7C12-40B2-4A76-A2B0-C78CD912A5A2}: NameServer = 80.10.246.1 80.10.246.132 O18 - Protocol: bw+0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {1010C813-CD1A-4355-9541-D724B7C23FA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe -5-Ferme toutes les fenetres Internet Explorer,Outlook Express sauf Hijackthis,puis clique sur "Fix checked" -6-Lance l'application LSPFix et agrandis la fenêtre qui, par défaut, est trop petite et fait apparaître les ascenseurs horizontaux et verticaux, masquant un bouton. .Déconnecte-toi d'Internet et ferme toutes les instances (fenêtres) Internet Explorer. .Coche la case "I know what I'm doing" ("Je sais ce que je fais"). .Clique sur le bouton "Finish". -7-Redémarre en mode sans echec. -8-Supprime les fichiers et dossiers suivants. -C:\WINNT\pxckdla.exe <le fichier -C:\WINNT\system32\locif70n.exe<-le fichier -C:\WINNT\system32\lmumxfrm.exe<-le fichier -C:\WINNT\System32\P2P Networking <-le dossier -C:\WINNT\EliteToolBar<-le dossier -C:\WINNT\EliteSideBar<-le dossier -C:\WINNT\system32\elitetcz32.exe<-le fichier -C:\WINNT\system32\france.exe -N<-le fichier -C:\Program Files\GogoTools<-le dossier -C:\Program Files\Web_Rebates <-le dossier -C:\Program Files\AutoUpdate<-le dossier -C:\Program Files\TV Media<-le dossier -C:\Program Files\NewDotNet<-le dossier -9-Supprime les fichiers inutiles dans les répertoires Temp celui de C:\Documents and Settings\ton identité\Local Settings\Temp <--tout le contenu C:\Documents and Settings\autres identités\Local Settings\Temp <--tout le contenu et celui de C:\Windows\Temp <--tout le contenu -10-Supprime tous les fichiers de Temporary Internet Files via Options Internet/onglet Général/zone "Fichiers Internet Temporaires/bouton suppimer les fichiers . -Supprime les Cookies . -Vide la corbeille -11-Redémarre normalement et poste un nouveau log HijackThis pour vérification. L'installer dans un répertoire spécifique(Pas sur le bureau,ni dans le repertoire Temp). @+

Bonjour TeZ.K, bonjour à tous, Je regarde ton rapport,réponse dans une heure environ. Déplace Hijackthis dans un dossier spécifique. C:\Hijackthis par exemple. @+

Bonjour phil,ipl, bonjour à tous, Alors avec ces nouvelles données,il est impératif de poster un rapport hijackthis effectué sur la session en question. @+

Bonjour à tous, Mon cher phil, -Je te demande de désinstaller imesh,tu me reponds que tu ne veux pas entrer en conflit avec ton fils. -Je te demande de supprimer les fichiers temporaires,en t'indiquant les chemins,toi tu me parles de repertoires. Relis ce que j'ai écris: Supprime les fichiers inutiles dans les répertoires Temp C:\Documents and Settings\ton identité\Local Settings\Temp <--tout le contenu C:\Documents and Settings\autres identités\Local Settings\Temp <--tout le contenu et celui de C:\Windows\Temp <--tout le contenu Maintenant,j'aimerais bien savoir ça sert à quoi de repondre si on ne met pas en applications les recommandations. @+

Bonjour à tous, Okay,j'ai compris. au revoir.

Bonjour à tous, Tu hésites à supprimer des fichiers temporaires !!! En tous les cas tu dois avoir un bel élévage la dedans. Est ce que tu as désinstallé Imesh comme conséillé? (je le vois toujours sur ton rapport) Tu veux des preuves, http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453072738 http://www.spyany.com/program/article_spw_rm_IMesh.html

Bonsoir à tous, Hello ipl De rien,je suis toujours content d'aider un internaute en détresse ! J'ai aussi croisé did et Chercheur ici.

Bonsoir à tous, Le lien fonctionne trés bien,en fait tu as posé la meme question. Et je confirme ce que t'a répondu Chercheur sur PCA-Sécurité. http://forum.pcastuces.com/sujet.asp?SUJET_ID=166550 La ligne est légitime. @+

Bonjour phil78,bonjour à tous, -1-Désinstalle via Ajout/suppression des programmes du panneau de configuration ,le(s) programme(s) suivant(s). -iMesh -2-Assure toi d'avoir accés à tous les fichiers. -3-Lance Hijackthis,scan,et coche les lignes en gras ci-dessous. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.laposte.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: C:\WINDOWS\lbbho.dll - {2CD262C7-71B5-4F5E-98B7-0829CDBF1FA7} - C:\WINDOWS\lbbho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O9 - Extra 'Tools' menuitem: Console Java (Sun) (HKLM) O9 - Extra button: Wanadoo (HKCU) O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for ¸æ¬: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab30149.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game16.zylom.servicesalacarte.wanad...gamesplayer.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.fr/techsupp/activedata/ActiveData.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2651178F-9D11-44B2-A458-867977C0A655}: NameServer = 80.10.246.1 80.10.246.132 O17 - HKLM\System\CS1\Services\Tcpip\..\{2651178F-9D11-44B2-A458-867977C0A655}: NameServer = 80.10.246.1 80.10.246.132 -4-Ferme toutes les fenetres Internet Explorer,Outlook Express sauf Hijackthis,puis clique sur "Fix checked" -5-Redémarre en mode sans echec. Comment démarrer Windows XP en mode sans échec -6-Supprime les fichiers et dossiers suivants. -C:\WINDOWS\lbbho.dll<-le fichier -C:\Program Files\ iMesh <-le dossier -7-Supprime les fichiers inutiles dans les répertoires Temp celui de C:\Documents and Settings\ton identité\Local Settings\Temp <--tout le contenu C:\Documents and Settings\autres identités\Local Settings\Temp <--tout le contenu et celui de C:\Windows\Temp <--tout le contenu -8-Supprime tous les fichiers de Temporary Internet Files via Options Internet/onglet Général/zone "Fichiers Internet Temporaires/bouton suppimer les fichiers . -Supprime les Cookies . -Vide la corbeille -9-Redémarre normalement et poste un nouveau log HijackThis pour vérification,en utilisant la derniere version 1.99.1. http://www.merijn.org/files/hijackthis.zip @+

Bonjour à tous, Du beau monde sur cette discussion !!!

Bonjour mtirabo, bonjour à tous, Il y'a eu sur PCA-Sécurité une discussion à ce sujet il y'a un mois. http://forum.pcastuces.com/sujet.asp?SUJET_ID=151999

Bonjour à tous, -1-Téléchage LSPFix http://www.cexx.org/lspfix.htm -2-Désinstalle via Ajout/suppression des programmes du panneau de configuration ,le(s) programme(s) suivant(s). -MyWebSearch -Toolbar -NewDotNet -3-Assure toi d'avoir accés à tous les fichiers. -4-Lance Hijackthis,scan,et coche les lignes en gras ci-dessous. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\a.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\a.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\a.bin\MWSBAR.DLL O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\TNB\TNBUtil.exe" /CHECKALL O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\a.bin\mwsoemon.exe O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [Zero Knowledge Freedom] C:\Program Files\Securitoo\Firewall\Freedom.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\a.bin\mwsoemon.exe O4 - HKCU\..\Run: [c07nRhe6h] wlnrfdll.exe O4 - Startup: DLHelperEXE.exe O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\a.bin\MWSOEMON.EXE O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\a.bin\MWSOEMON.EXE O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSxdm148 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version3/Applet/wchatsign.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {532217E3-860C-4EEE-8BBD-3F342DCD9AE9} (InPop.InControl) - http://adlogix.com/pop/InPop.CAB O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/134270fa2563c7e8b915/...ip/RdxIE601.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200306...meInstaller.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {69432678-2906-2705-1128-068943397621} - O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/ve...n7/dlhelper.cab O16 - DPF: {B5F016CF-23D9-40BC-B16A-2919C0886DD8} (NavolX Contrôle) - http://nsol.nordnet.fr/navol/navol.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {FC9C7D52-C99A-494A-AA79-4A25098F659C} - http://www.casinolux.com/dload/gvdload.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{62C5C28F-A13C-4C4F-A779-ABFFB822FFF1}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - C:\PROGRA~1\SECURI~1\1044199\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\Common\FSAA.EXE (file missing) O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo AntiVirus\1044199\program\fsbwsys.exe O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\DFW\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Common\FSMA32.EXE O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\fswsclds.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe -5-Ferme toutes les fenetres Internet Explorer,Outlook Express sauf Hijackthis,puis clique sur "Fix checked" -6-LancE LSPFix et agrandis la fenêtre qui, par défaut, est trop petite et fait apparaître les ascenseurs horizontaux et verticaux, masquant un bouton. .Déconnecte-toi d'Internet et ferme toutes les instances (fenêtres) Internet Explorer. .Coche la case "I know what I'm doing" ("Je sais ce que je fais"). .Clique sur le bouton "Finish". -7-Redémarre en mode sans echec. Comment démarrer Windows XP en mode sans échec -8-Supprime les fichiers et dossiers suivants. -C:\WINDOWS\System32\wlnrfdll.exe<-le fichier -C:\WINDOWS\System32\ DLHelperEXE.exe<-le fichier -C:\Program Files\MyWebSearch<-le dossier -C:\Program Files\Toolbar<-le dossier - C:\Program Files\NewDotNet<-le dossier --9-Supprime les fichiers inutiles dans les répertoires Temp celui de C:\Documents and Settings\ton identité\Local Settings\Temp <--tout le contenu C:\Documents and Settings\autres identités\Local Settings\Temp <--tout le contenu et celui de C:\Windows\Temp <--tout le contenu -10-Supprime tous les fichiers de Temporary Internet Files via Options Internet/onglet Général/zone "Fichiers Internet Temporaires/bouton suppimer les fichiers . -Supprime les Cookies . -Vide la corbeille -11-Redémarre normalement et poste un nouveau log HijackThis pour vérification. L'installer dans un répertoire spécifique(Pas sur le bureau,ni dans le repertoire Temp). @+

Bonjour à tous, Attention !!! Il ne faut pas confondre Spyblaster avec Spywareblaster SpywareBlaster. Une fois installé il agit en mode passif il protege la base de registre et empêche l'installation de toutes les commandes d'ActiveX de spywares les plus connus . SpywareBlaster ne fait aucun scan. http://www.javacoolsoftware.com/sbdownload.html

Bonjour à tous, Salut did,content de te croiser ici !!

Bonjour à tous, -1-Désinstalle via Ajout/suppression des programmes du panneau de configuration ,le(s) programme(s) suivant(s). -Time Sync -2-Assure toi d'avoir accés à tous les fichiers. -3-Termine le(s) processus suivant(s). -time.exe -?srss.exe -haen.exe -4-Lance Hijackthis,scan,et coche les lignes en gras ci-dessous. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll O2 - BHO: (no name) - {309310C2-8551-ADFA-7FC5-862D10DBF8CF} - C:\WINDOWS\System32\idzjwj.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {63CA4EC8-D400-A8AD-7FC5-862D10DBF8CE} - C:\WINDOWS\System32\rbue.dll O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [Time Sync] C:\Program Files\Time Sync\time.exe O4 - HKLM\..\Run: [jut] C:\WINDOWS\jut.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sFS6] "C:\Program Files\Steganos Secure FileSharing 6\sfs.exe" /booting O4 - HKCU\..\Run: [Vthqskn] C:\WINDOWS\System32\?srss.exe O4 - HKCU\..\Run: [Knrl] C:\WINDOWS\System32\??erinit.exe O4 - HKCU\..\Run: [ismo] C:\WINDOWS\System32\haen.exe O4 - HKCU\..\Run: [kzko] C:\PROGRA~1\COMMON~1\kzko\kzkom.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1108727762963 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FE4044E6-754D-4D29-B79D-E6B2205E7F43}: NameServer = 130.244.127.161,130.244.127.169 O18 - Protocol: bw+0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {B659AC17-65AA-4849-BD56-6808622AE594} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\Program Files\SolidWorks SolidNetWork License Manager\lmgrd.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -5-Ferme toutes les fenetres Internet Explorer,Outlook Express sauf Hijackthis,puis clique sur "Fix checked" -5-Redémarre en mode sans echec. Comment démarrer Windows XP en mode sans échec -6-Supprime les fichiers et dossiers suivants. -C:\WINDOWS\System32\?srss.exe<-le fichier -C:\WINDOWS\System32\haen.exe <-le fichier -C:\WINDOWS\System32\??erinit.exe<-le fichier -C:\WINDOWS\System32\idzjwj.dll<-le fichier -C:\WINDOWS\System32\rbue.dll<-le fichier -C:\WINDOWS\jut.exe<-le fichier -C:\Program Files\Time Sync<-le dossier -C:\Program Files\Common Files\kzko<-le dossier -7-Supprime les fichiers inutiles dans les répertoires Temp celui de C:\Documents and Settings\ton identité\Local Settings\Temp <--tout le contenu C:\Documents and Settings\autres identités\Local Settings\Temp <--tout le contenu et celui de C:\Windows\Temp <--tout le contenu -8-Supprime tous les fichiers de Temporary Internet Files via Options Internet/onglet Général/zone "Fichiers Internet Temporaires/bouton suppimer les fichiers . -Supprime les Cookies . -Vide la corbeille -9-Redémarre normalement et poste un nouveau log HijackThis pour vérification. L'installer dans un répertoire spécifique(Pas sur le bureau,ni dans le repertoire Temp). @+

Bonsoir à tous, LOL Bonsoir ipl J'aime aussi Zebulon,je viens aider quand le temps le permet.

Bonsoir narca, bonsoir à tous, Il reste deux lignes à corriger. Tu "fixes" sur Hijackthis,en procédant comme je te l'ai indiqué auparavant,les lignes suivantes: O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM) Tu réeinstalles le fichier Del_Domain.inf (clic droit-->installer) Redémarre,et viens remettre un nouveau log . @+