Votre question

[RESOLU] Problème popup sur pc professionnel [scan Hijackthis présent]

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Janvier 2011 18:05:59

Bon je viens vous demandez votre aide car mon pc portable qui a comme OS Windows XP Sp3 et que je me sers pour mon entreprise, subit beaucoup de publicité ce qui le rend lent et qui et devenu extrêmement pénible... Pouvez vous m'aider s'il vous plaid...?

Scan Hijackthis =>

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:01, on 10/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\Logi_MwX.Exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Installer\lnetworker.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\hasplms.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\PVSW\bin\WGE_SRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BackupIP\service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://apps.corel.com/redirect/?_redirect=wpr&invokedfr...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {59E82AC6-6CDA-1B49-E080-D97BB45482AA} - C:\DOCUME~1\SARLFL~1\APPLIC~1\SIXTHL~1\Wave bend.exe (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Online Type] C:\DOCUME~1\SARLFL~1\APPLIC~1\Drawbold\Bits Help Byte.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O18 - Protocol: bw+0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EA16F7FE-E9D0-492C-BA58-01F67E4C13CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: 92.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) - Unknown owner - C:\PVSW\bin\WGE_SRV.EXE
O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\WINDOWS\BackupIP\service.exe

--
End of file - 23699 bytes

Autres pages sur : resolu probleme popup professionnel scan hijackthis present

10 Janvier 2011 21:15:24

Bonsoir

Oui bien vérolé ton PC !

Télécharge Ad-Remover (C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-cliquez sur AD-R présent sur ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA et Seven )
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Scanner. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
Une fenêtre contenant le rapport va s'ouvrir, poste moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-SCAN
10 Janvier 2011 21:32:33

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 09/01/11 à 12:30
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:29:54 le 10/01/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
SARL Florance jean@D3B0282J ( )

============== RECHERCHE ==============

Service: "sdmBackupIP" Présent

Dossier trouvé: C:\Program Files\Installer
Fichier trouvé: C:\WINDOWS\system32\Utils.dll
Dossier trouvé: C:\WINDOWS\BackupIP
Dossier trouvé: C:\Program Files\MyWaySA
Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier trouvé: C:\Program Files\Viewpoint
Dossier trouvé: C:\Documents and Settings\SARL Florance jean\Local Settings\Application Data\networker

Clé trouvée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé trouvée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé trouvée: HKLM\Software\Classes\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
Clé trouvée: HKLM\Software\Classes\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
Clé trouvée: HKLM\Software\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
Clé trouvée: HKLM\Software\Classes\TypeLib\{4D25F920-B9FE-4682-BF72-8AB8210D6D75}
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé trouvée: HKLM\Software\Install Pedia Limited
Clé trouvée: HKLM\Software\MetaStream
Clé trouvée: HKLM\Software\Viewpoint
Clé trouvée: HKLM\Software\Classes\Installer\Products\8829557EB322C354F96043E0B32EE193
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\8829557EB322C354F96043E0B32EE193
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{4D25F926-B9FE-4682-BF72-8AB8210D6D75}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Documents and Settings\SARL Florance jean\Application Data\Mozilla\FireFox\Profiles\nj7ot9x3.default\Prefs.js --
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [7.0.5730.13] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: hxxp://www.google.com
Show_ToolBar: yes
Start Page: hxxp://www.msn.com/
Use Custom Search URL: 0x01000000
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 10/01/2011 (886 Octet(s))

Fin à: 21:31:22, 10/01/2011

============== E.O.F ==============
Contenus similaires
10 Janvier 2011 21:35:44

/!\ Déconnectes toi et fermes toutes applications en cours /!\
Relance AD-R à partir de ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA et Seven)
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Nettoyer. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
A la fin du scan on te propose de redémarrer, accepte en cliquant sur oui. Ton PC va redémarrer.
Une fois ton PC rallumé, rends toi ici : C:\ et ouvre le fichier nommé Ad-Report-SCAN.
Post moi dans ta prochaine réponse e contenus de Ad-Report-SCAN.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
10 Janvier 2011 21:53:05

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 09/01/11 à 12:30
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:46:25 le 10/01/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
SARL Florance jean@D3B0282J ( )

============== ACTION(S) ==============

Service: "sdmBackupIP" Stoppé et supprimé

Dossier supprimé: C:\Program Files\Installer
Fichier supprimé: C:\WINDOWS\system32\Utils.dll
Dossier supprimé: C:\WINDOWS\BackupIP
Dossier supprimé: C:\Program Files\MyWaySA
Dossier supprimé: C:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier supprimé: C:\Program Files\Viewpoint
Dossier supprimé: C:\Documents and Settings\SARL Florance jean\Local Settings\Application Data\networker

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé supprimée: HKLM\Software\Classes\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
Clé supprimée: HKLM\Software\Classes\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
Clé supprimée: HKLM\Software\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
Clé supprimée: HKLM\Software\Classes\TypeLib\{4D25F920-B9FE-4682-BF72-8AB8210D6D75}
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé supprimée: HKLM\Software\Install Pedia Limited
Clé supprimée: HKLM\Software\MetaStream
Clé supprimée: HKLM\Software\Viewpoint
Clé supprimée: HKLM\Software\Classes\Installer\Products\8829557EB322C354F96043E0B32EE193
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\8829557EB322C354F96043E0B32EE193
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{4D25F926-B9FE-4682-BF72-8AB8210D6D75}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Documents and Settings\SARL Florance jean\Application Data\Mozilla\FireFox\Profiles\nj7ot9x3.default\Prefs.js --
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [7.0.5730.13] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0x01000000
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 60 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/01/2011 (956 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/01/2011 (4044 Octet(s))

Fin à: 21:47:23, 10/01/2011

============== E.O.F ==============
10 Janvier 2011 21:56:48

Ok voila une bonne chose de faite

Relance AD-R à partir de ton bureau.
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Désinstaller.
La fenêtre va disparaître, ainsi que AD-R qui était sur ton Bureau.

Ensuite fais moi ceci :

Télécharge OTL sur ton Bureau.

  • Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
  • L'écran principal de OTL s'affiche:

  • Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche purity.
  • Copies et colles le contenu de cette citation dans la partie inférieure d'OTL, Sous "Personnalisation"

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    ctfmon.exe
    explorer.exe
    userinit.exe
    wininit.exe
    winlogon.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    CREATERESTOREPOINT


  • Enfin, clique sur le bouton Analyse; Ne change aucun paramètre si je ne te l'ai pas dit. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

    NE POSTE PAS LES RAPPORTS SUR LE FORUM MAIS

  • Rends toi ensuite sur ce site : http://www.cijoint.fr/
    Clique sur "parcourir" et va jusqu'au rapport que tu as sauvegardé .
    Clique ensuite sur "cliquer ici pour déposer le fichier" et patiente ...
    Une fois l'upload finit , un lien apparait > copie/colle le dans ta prochaine réponse stp ....

    AIDE en IMAGE
    11 Janvier 2011 21:05:55

    Bonsoir

    IE pas a jour = failles de sécurité

    Ca c'est pas bon ! Supprimes
    C:\Documents and Settings\SARL Florance jean\Bureau\ophcrack-livecd-1.0.iso


    Relance OTL.exe.

    Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le contenu du cadre ci dessous depuis rien comme sur l'image:


    Rien
    :OTL
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
    DRV - (s24trans) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys File not found
    [2011/01/10 22:11:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SARL Florance jean\Application Data\Mozilla\Firefox\Profiles\nj7ot9x3.default\extensions
    O2 - BHO: (no name) - {59E82AC6-6CDA-1B49-E080-D97BB45482AA} - C:\DOCUME~1\SARLFL~1\APPLIC~1\SIXTHL~1\Wave bend.exe File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKLM..\Run: [ShowLOMControl] Reg Error: Invalid data type. File not found
    O4 - HKCU..\Run: [Online Type] C:\DOCUME~1\SARLFL~1\APPLIC~1\Drawbold\Bits Help Byte.exe File not found
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O33 - MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\Shell\AutoRun\command - "" = v.cmd
    O33 - MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\Shell\explore\Command - "" = v.cmd
    O33 - MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\Shell\open\Command - "" = v.cmd
    O33 - MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\Shell - "" = AutoRun
    O33 - MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\Shell\AutoRun\command - "" = E:\ReadMe.exe -- File not found
    [16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    :Files
    ipconfig /flushdns /c
    :reg
    [HKEY_CURRENT_USER\Control Panel\Desktop]
    "MenuShowDelay"="100"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
    "AlwaysUnloadDll"=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=dword:000000ff
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    "NoDriveTypeAutoRun"=dword:000000ff
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
    "link"=hex:00,00,00,00
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "EnableBalloonTips"=dword:00000000
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify]
    "IconStreams"=-
    "PastIconsStream"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
    "SetCommand"=dword:00000001
    "SecurityLevel"=dword:00000001
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]


  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler sans te servir du PC!!!!!
  • Copie et colle le rapport dans ta réponse stp


    Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :



  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
  • Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
  • Si des infections sont présentes, clic sur "Afficher les résultats"
    puis sur "Supprimer la sélection".

    Enregistre le rapport sur ton Bureau.
  • Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.



    Comment se comporte ton PC maintenant?
    12 Janvier 2011 12:31:00

    All processes killed
    Error: Unable to interpret <Rien> in the current context!
    ========== OTL ==========
    Error: No service named wanatw) WAN Miniport (ATW was found to stop!
    Service\Driver key wanatw) WAN Miniport (ATW not found.
    File C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found not found.
    Service s24trans stopped successfully!
    Service s24trans deleted successfully!
    File C:\WINDOWS\System32\DRIVERS\s24trans.sys File not found not found.
    Folder C:\Documents and Settings\SARL Florance jean\Application Data\Mozilla\Firefox\Profiles\nj7ot9x3.default\extensions\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59E82AC6-6CDA-1B49-E080-D97BB45482AA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59E82AC6-6CDA-1B49-E080-D97BB45482AA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShowLOMControl deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Online Type deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    File E:\ReadMe.exe not found.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET10.tmp deleted successfully.
    C:\WINDOWS\System32\SET121.tmp deleted successfully.
    C:\WINDOWS\System32\SET126.tmp deleted successfully.
    C:\WINDOWS\System32\SET14.tmp deleted successfully.
    C:\WINDOWS\System32\SET15.tmp deleted successfully.
    C:\WINDOWS\System32\SET1D.tmp deleted successfully.
    C:\WINDOWS\System32\SET76.tmp deleted successfully.
    C:\WINDOWS\System32\SET77.tmp deleted successfully.
    C:\WINDOWS\System32\SET78.tmp deleted successfully.
    C:\WINDOWS\System32\SET79.tmp deleted successfully.
    C:\WINDOWS\System32\SET7E.tmp deleted successfully.
    C:\WINDOWS\System32\SET86.tmp deleted successfully.
    C:\WINDOWS\System32\SETD.tmp deleted successfully.
    C:\WINDOWS\System32\SETE.tmp deleted successfully.
    C:\WINDOWS\System32\SETF.tmp deleted successfully.
    C:\WINDOWS\002706_.tmp deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de résolution DNS vidé.
    C:\Documents and Settings\SARL Florance jean\Bureau\cmd.bat deleted successfully.
    C:\Documents and Settings\SARL Florance jean\Bureau\cmd.txt deleted successfully.
    ========== REGISTRY ==========
    HKEY_CURRENT_USER\Control Panel\Desktop\\"MenuShowDelay"|"100" /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"link"|hex:00,00,00,00 /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"EnableBalloonTips"|dword:00000000 /E : value set successfully!
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SetCommand"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SecurityLevel"|dword:00000001 /E : value set successfully!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 56502 bytes

    User: LocalService
    ->Temp folder emptied: 115884 bytes
    ->Temporary Internet Files folder emptied: 11004741 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 799069 bytes

    User: SARL Florance jean
    ->Temp folder emptied: 15687353 bytes
    ->Temporary Internet Files folder emptied: 7993219 bytes
    ->Java cache emptied: 392736 bytes
    ->FireFox cache emptied: 69142274 bytes
    ->Flash cache emptied: 58830 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 9067390 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 569693844 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 652,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    User: SARL Florance jean
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point (0)

    OTL by OldTimer - Version 3.2.20.1 log created on 01122011_120848

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_688.dat moved successfully.
    C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20110112_110552000-Msi0.txt moved successfully.

    Registry entries deleted on Reboot...
    12 Janvier 2011 18:52:11

    All processes killed
    Error: Unable to interpret <Rien> in the current context!
    ========== OTL ==========
    Error: No service named wanatw) WAN Miniport (ATW was found to stop!
    Service\Driver key wanatw) WAN Miniport (ATW not found.
    File C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found not found.
    Service s24trans stopped successfully!
    Service s24trans deleted successfully!
    File C:\WINDOWS\System32\DRIVERS\s24trans.sys File not found not found.
    Folder C:\Documents and Settings\SARL Florance jean\Application Data\Mozilla\Firefox\Profiles\nj7ot9x3.default\extensions\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59E82AC6-6CDA-1B49-E080-D97BB45482AA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59E82AC6-6CDA-1B49-E080-D97BB45482AA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShowLOMControl deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Online Type deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{158f6081-4425-11dc-bfdd-001422d1a3a5}\ not found.
    File v.cmd not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5772382-eb49-11da-ad4c-001422d1a3a5}\ not found.
    File E:\ReadMe.exe not found.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET10.tmp deleted successfully.
    C:\WINDOWS\System32\SET121.tmp deleted successfully.
    C:\WINDOWS\System32\SET126.tmp deleted successfully.
    C:\WINDOWS\System32\SET14.tmp deleted successfully.
    C:\WINDOWS\System32\SET15.tmp deleted successfully.
    C:\WINDOWS\System32\SET1D.tmp deleted successfully.
    C:\WINDOWS\System32\SET76.tmp deleted successfully.
    C:\WINDOWS\System32\SET77.tmp deleted successfully.
    C:\WINDOWS\System32\SET78.tmp deleted successfully.
    C:\WINDOWS\System32\SET79.tmp deleted successfully.
    C:\WINDOWS\System32\SET7E.tmp deleted successfully.
    C:\WINDOWS\System32\SET86.tmp deleted successfully.
    C:\WINDOWS\System32\SETD.tmp deleted successfully.
    C:\WINDOWS\System32\SETE.tmp deleted successfully.
    C:\WINDOWS\System32\SETF.tmp deleted successfully.
    C:\WINDOWS\002706_.tmp deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de résolution DNS vidé.
    C:\Documents and Settings\SARL Florance jean\Bureau\cmd.bat deleted successfully.
    C:\Documents and Settings\SARL Florance jean\Bureau\cmd.txt deleted successfully.
    ========== REGISTRY ==========
    HKEY_CURRENT_USER\Control Panel\Desktop\\"MenuShowDelay"|"100" /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"link"|hex:00,00,00,00 /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"EnableBalloonTips"|dword:00000000 /E : value set successfully!
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SetCommand"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SecurityLevel"|dword:00000001 /E : value set successfully!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 56502 bytes

    User: LocalService
    ->Temp folder emptied: 115884 bytes
    ->Temporary Internet Files folder emptied: 11004741 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 799069 bytes

    User: SARL Florance jean
    ->Temp folder emptied: 15687353 bytes
    ->Temporary Internet Files folder emptied: 7993219 bytes
    ->Java cache emptied: 392736 bytes
    ->FireFox cache emptied: 69142274 bytes
    ->Flash cache emptied: 58830 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 9067390 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 569693844 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 652,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    User: SARL Florance jean
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point (0)

    OTL by OldTimer - Version 3.2.20.1 log created on 01122011_120848

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_688.dat moved successfully.
    C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20110112_110552000-Msi0.txt moved successfully.

    Registry entries deleted on Reboot...
    12 Janvier 2011 19:03:21

    Hello

    C'est pas mal OTL mais maintenant c'est le rapport de Malwarebytes que je voudrais , tu m'as mis 2 fois OTL
    12 Janvier 2011 19:14:45

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5507

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    12/01/2011 19:14:23
    mbam-log-2011-01-12 (19-14-23).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 147392
    Temps écoulé: 10 minute(s), 9 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    12 Janvier 2011 19:17:43

    Impec toujours des Pubs ?

    A suivre
    12 Janvier 2011 19:19:25

    Mon Ordinateur semble aller beaucoup mieux ^^ Un Grand Merci pour votre Aide et votre patience. :) 
    12 Janvier 2011 19:27:15

    Content pour toi

    Encore un peu de boulot pour toi

    Tu vas supprimer OTL

  • Double clique sur OTL.exe et clique sur le bouton purge outils
    Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • OTL va supprimer tous les logiciels qu'on a utilisés et faire redémarrer ton ordinateur.



    Télécharge Security Check by screen317 ICI ou ICI sur le bureau.
    Double-clique sur SecurityCheck.exe et suis les instructions à l'écran à l'intérieur de la boîte noire.
    Un document du Bloc-notes doit s'ouvrir checkup.txt
    Poste moi le contenu de ce document.
    Ferme Security Check
    12 Janvier 2011 21:01:50

    Results of screen317's Security Check version 0.99.8
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    avast! Antivirus
    Navirad v4 UserTool 1.4
    Reinitialisation Navirad 1.1
    avast! successfully updated!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Ad-Aware
    Malwarebytes' Anti-Malware
    HijackThis 2.0.2
    CCleaner
    Java 2 Runtime Environment, SE v1.4.2_03
    Adobe Flash Player 10.1.102.64
    Adobe Reader X - Français
    Mozilla Firefox (3.6.13)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Ad-Aware AAWService.exe
    Ad-Aware AAWTray.exe is disabled!
    Alwil Software Avast4 aswUpdSv.exe
    Alwil Software Avast4 ashServ.exe
    Alwil Software Avast4 ashDisp.exe
    Alwil Software Avast4 ashMaiSv.exe
    Alwil Software Avast4 ashWebSv.exe
    ``````````End of Log````````````
    12 Janvier 2011 21:09:09

    :hello: 
    Ok c'est bon j'ai vu que tu étais passé en résolu Merci

    Pour Ad-Aware tu peux supprimer il ne sert a rien !
    Pour Avast4 tu peux prendre le dernier le 5

    Bonne soirée et bonne route

    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS