Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Problême au démarrage


Asphx

Messages recommandés

Bonjour à tous.

J'ai un gros problême sur mon ordinateur suite à des manipulations avec un adware (SurfSideKick) qui est apparemment innofensif. Je pense que ma méconnaissance et mon impatience ont eu raison de moi. J'ai surement dût modifier ou supprimer un fichier important, mais j'en doute.

 

Description du problême

J'allume mon PC (je fonctionne avec XP), je vois la barre de chargement de Windows XP, puis un message comme quoi mon ordi se prépare à démarrer et enfin l'écran de Bienvenue. Ensuite une alerte s'affiche accompagnée d'un son d'alerte. "Certains fichiers système sont absents ou endommagés. Vous ne pouvez pas ouvrir de séssion maintenant. Utilisez votre CD d'installation pour réinstaller Windows. Code d'érreur 0x80040507".

 

Ce qu'il m'est possible de faire

A partir de là rien ne marche exepté le Mode sans Echec. J'entre donc en mode sans échec, donc pas de connexion internet (je ne peux malheureusement donc pas fournir de rapport HijackThis) et la plupart des programmes ne fonctionnent pas (ne répondent plus rapidement), comme par exemple Ad-Aware ou Kaspersky. Je peux éffectuer des opérations normales à part ça, je peux rentrer dans le Registre Windows mais seulement par le biais du fichier dans le system32, car Effectuer une tâche > regedit ne marche pas on me dit que ce n'est pas une application Win32 valide. Je pense pouvoir effectuer une sauvegarde de fichier via CD.

 

Ce que j'ai déjà fait

J'ai tenté d'insérer le CD Windows XP version Familiale, mais apparemment il représente une version antérieure au système d'exploitation installé sur mon PC, donc j'ai pas de possibilité de réparation, ou du moins ça n'a pas l'air du tout (encore une fois peut être qu'en explorant le CD je pourrais, mais je ne me risque pas)

 

J'espère que je n'ai pas plus que mes yeux pour pleurer.

En attendant vos commentaires, merci.

Lien vers le commentaire
Partager sur d’autres sites

Bonjour,

 

En mode sans échec, fais une restauration du système.

ou : Menu Démarrer / executer et tape sfc /scannow

et laisse toi guider.

 

J'ai déjà tenté la restauration mais rien n'y fait, ça redémarre et le même problême apparait, c'est comme si ça n'avait rien fait. Je suis en pleine analyse Antivir là, j'ai gravé ça sur CD avc HijackThis puis j'ai lu à partir du mode sans échec ! J'ai déjà supprimé quelques trojans, j'attends la fin de l'analyse et je reviendrai avec le rapport HijackThis :P

Lien vers le commentaire
Partager sur d’autres sites

Oui tu as bien raison. J'ai tenté la manipulation mais ça ne donne rien, je vois un truc s'exécuter, une fenetre fond noir mais qui disparait en une micro seconde puis rien, rien ne se met en route.

Je vais quand même envoyer le rapport AntiVir et HijackThis dès qu'ils seront prêts.

Merci

Lien vers le commentaire
Partager sur d’autres sites

Voilà le rapport HijackThis

 

Logfile of HijackThis v1.99.1

Scan saved at 22:26:37, on 20/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lemonde.fr/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {253F37C8-6247-7E07-A176-78D80B0D9108} - C:\PROGRA~1\tonsbias\sendmeta.exe (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe

O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [chic curb wipe software] C:\Documents and Settings\All Users\Application Data\FlawMfcdChicCurb\readme drive.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe

O4 - HKLM\..\Run: [tmbstgdjwqx] C:\WINDOWS\system32\ajusioyz.exe

O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunServices: [systemSAS] system32.exe

O4 - HKLM\..\RunServices: [CMD] cmd32.exe

O4 - HKLM\..\RunServices: [doit.exe] doit.exe

O4 - HKLM\..\RunOnce: [NavExcelBar.dll] rundll32.exe "C:\WINDOWS\remover.dll",_remove@16

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/28af5d87e47b90d7fd20/...RdxIE601_fr.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/AMC.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.servicesalacarte.wanad...gamesplayer.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

O18 - Protocol: bw+0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: pushow70.dll MsgPlusLoader.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Lien vers le commentaire
Partager sur d’autres sites

Voici la manipulation à effectuer en entier

Merci de bien vouloir :

- Lire attentivement les instructions demandées et prendre son temps pour les effectuer convenablement, sinon la désinfection ne sera pas complète.

- Si certains éléments ne sont pas trouvés, merci de le signaler mais de poursuivre les manipulations jusqu'au bout.

- A l'issu de la procédure, merci de bien copier/coller TOUS les rapports demandés.

- N'hésitez pas à consulter les liens d'aides, ils sont là pour vous guider !

 

Sur HijackThis, refais un scan et coches les lignes suivantes :

 

O2 - BHO: (no name) - {253F37C8-6247-7E07-A176-78D80B0D9108} - C:\PROGRA~1\tonsbias\sendmeta.exe (file missing)

O4 - HKLM\..\Run: [chic curb wipe software] C:\Documents and Settings\All Users\Application Data\FlawMfcdChicCurb\readme drive.exe

O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe

O4 - HKLM\..\RunServices: [systemSAS] system32.exe

O4 - HKLM\..\RunServices: [CMD] cmd32.exe

O4 - HKLM\..\RunServices: [doit.exe] doit.exe

 

---> puis clic sur le bouton "Fix Checked"

n'hésite pas à consulter l'aide HijackThis

 

- Télécharge et installe ewido

- Mets le à jour à partir du menu update en haut, n'hésite pas à consulter l'Aide ewido pour tout problème.

- Télécharge clean.zip, décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

 

-- Redémarre en mode en mode sans échec, si tu sais pas comment on fait lis ceci

-- Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

-- Ensuite, navigue dans tes dossiers pour supprimes les dossiers, si existants :

 

C:\Program Files\tonsbias\

C:\Documents and Settings\All Users\Application Data\FlawMfcdChicCurb\

 

Ouvre le bloc-note et copie/colle le contenu du cadre ci-dessous :

 

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

 

- Une fois le contenu collé dans le bloc-note

- Enregistre le fichier (Menu fichier puis enregistrer-sous) sous le nom fix.reg

- Désactive tous les logiciels de protection (ewido, spybot, Spyware Doctor etc..) qui peuvent être installé sur ton ordinateur

- Double-clic sur fix.reg et accepte l'inscription des données.

 

- Ouvre ewido et clic sur l'onglet Settings, pour How to Act sélèctionne Quarantine.

Reviens a l'onglet Scan cliques Complete system Scan.

Le scan démarre.

A la fin cliquer sur Apply all actions

Puis sur Save report et pour finir Save report as enregistrer sur le Bureau.

 

 

Aide : N'hésite pas à consulter l'Aide ewido pour tout problème.

 

-- Redémarre en mode normal : Menu Démarrer / Arreter / Redémarre l'ordinateur

Attention : dans le cas où l'ordinateur redémarre en boucle en mode sans échec, faire la manipulation inverse en décochant l'option /SAFEBOOT à l'aide de msconfig : voir à nouveau cette page : cliquez-ici

 

-- Fais un scan en ligne avec Internet Explorer : Scan Kaspersky et colle le rapport ici. Si tu es perdu, tu peux suivre cette aide pour les scans en ligne

-- Copie/Colle ici les rapports :

- ewido

- le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt

- ainsi qu'un nouveau log HijackThis

Lien vers le commentaire
Partager sur d’autres sites

Merci pour ta réponse j'ai tout fait sauf qu'après l'analyse ewido, j'ai donc mis en quarantaine un bon nombre de truc mais ensuite je n'ai pas pu redémarrer en normal, toujours l'érreur d'avant.

Voici les scans

 

Clean

Script clean par Malekal_morte - http://www.malekal.com

 

Microsoft Windows XP [version 5.1.2600]

Script execute en mode sans echec

 

*** Suppression de fichiers sur C:

 

*** Suppression des fichiers dans C:\WINDOWS\

 

*** Suppression des fichiers dans C:\WINDOWS\system32

 

 

Ewido

---------------------------------------------------------

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 01:54:59 21/08/2006

 

+ Scan result:

 

 

 

HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\BTGrab -> Adware.BetterInternet : Cleaned with backup (quarantined).

HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\ZServ -> Adware.BetterInternet : Cleaned with backup (quarantined).

C:\WINDOWS\RmxvcmVudHo\asappsrv.dll -> Adware.CommAd : Cleaned with backup (quarantined).

C:\WINDOWS\RmxvcmVudHo\command.exe -> Adware.CommAd : Cleaned with backup (quarantined).

C:\WINDOWS\system32\Xcite2.exe -> Adware.F1Organizer : Cleaned with backup (quarantined).

HKU\S-1-5-21-1659004503-1682526488-682003330-1004\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).

C:\WINDOWS\system32\d2j00c1mef.dll -> Adware.Look2Me : Cleaned with backup (quarantined).

C:\WINDOWS\system32\m864lijq18oe.dll -> Adware.Look2Me : Cleaned with backup (quarantined).

C:\WINDOWS\system32\oreaut32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).

C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined).

HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT -> Adware.NaviSearch : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\daF53.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).

C:\Program Files\SurfSideKick 3 -> Adware.SurfSide : Cleaned with backup (quarantined).

C:\Program Files\SurfSideKick 3\SskBho.dll -> Adware.SurfSide : Cleaned with backup (quarantined).

C:\Program Files\SurfSideKick 3\SskCore.dll -> Adware.SurfSide : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Mes documents\MsgPlus-301.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).

C:\Program Files\Fichiers communs\imrz\imrzp.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined).

C:\Aloap\Aloap.exe -> Not-A-Virus.BadJoke.Win16.Aloap : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Mes documents\Aloap.exe/Aloap.exe -> Not-A-Virus.BadJoke.Win16.Aloap : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Temporary Internet Files\Content.IE5\UQNSKCDJ\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup (quarantined).

C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned with backup (quarantined).

C:\teamscript36\NukeNabber\nukenabber.exe -> Not-A-Virus.NetTool.Win32.NukeNabber.21 : Cleaned with backup (quarantined).

:mozilla.190:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).

:mozilla.191:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).

:mozilla.192:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).

:mozilla.590:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adition : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).

:mozilla.29:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).

:mozilla.40:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).

:mozilla.45:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@com[3].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).

:mozilla.168:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

:mozilla.169:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

:mozilla.170:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

:mozilla.171:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

:mozilla.172:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

:mozilla.173:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).

C:\WINDOWS\Temp\Cookies\florentz@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).

:mozilla.256:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).

:mozilla.62:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).

:mozilla.583:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@komtrack[1].txt -> TrackingCookie.Komtrack : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).

:mozilla.100:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).

:mozilla.101:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).

:mozilla.102:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).

:mozilla.103:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).

:mozilla.213:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

:mozilla.214:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

:mozilla.215:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

:mozilla.216:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

:mozilla.217:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

:mozilla.384:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.398:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.409:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.530:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.531:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).

:mozilla.58:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

:mozilla.59:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

:mozilla.60:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

:mozilla.61:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).

:mozilla.151:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

:mozilla.152:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@targad[2].txt -> TrackingCookie.Targad : Cleaned with backup (quarantined).

:mozilla.88:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).

:mozilla.89:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).

C:\WINDOWS\Temp\Cookies\florentz@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).

:mozilla.90:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).

:mozilla.387:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

:mozilla.388:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).

:mozilla.104:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).

:mozilla.105:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\florentz@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\florentz@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).

:mozilla.20:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.21:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.22:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.23:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.24:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.25:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.26:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

C:\Documents and Settings\Florentz\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

C:\WINDOWS\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).

:mozilla.255:C:\Documents and Settings\Florentz\Application Data\Mozilla\Firefox\Profiles\68yyrmsw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).

 

 

::Report end

 

HijackThis

Logfile of HijackThis v1.99.1

Scan saved at 11:39:45, on 21/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lemonde.fr/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe

O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [satmat] C:\WINDOWS\satmat.exe

O4 - HKLM\..\Run: [tmbstgdjwqx] C:\WINDOWS\system32\ajusioyz.exe

O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunOnce: [NavExcelBar.dll] rundll32.exe "C:\WINDOWS\remover.dll",_remove@16

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/28af5d87e47b90d7fd20/...RdxIE601_fr.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/AMC.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.servicesalacarte.wanad...gamesplayer.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

O18 - Protocol: bw+0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {B51E8603-6D63-40A1-BA93-B63BB435472E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...