Probleme de plantage et ping enorme - Sécurité - Windows & Software
Marsh Posté le 12-06-2005 à 18:30:15
J'ai pas tout compris ?
Sinon pour rajoute je peux plus lance de son ou de video, ca plante.
Marsh Posté le 12-06-2005 à 18:52:10
Télécharge Hijackthis, installe le et lance le.
Fais "Do a system scan and save a logfile".
Il va ouvrir un fichier texte, tu copies/colles le contenu et tu le postes ici.
Télécharge aussi CCleaner pendant que tu y es.
Marsh Posté le 12-06-2005 à 19:45:47
Logfile of HijackThis v1.99.1
Scan saved at 19:45:23, on 12/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\logiciel\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Messenger\msmsgs.exe
D:\logiciel\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\logiciel\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\Logiciel\Xfire\Xfire.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\NORTON~1\GHOSTS~2.EXE
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\svchost.exe
D:\logiciel\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
D:\logiciel\Securitoo\av_fw\fswsclds.exe
D:\logiciel\Securitoo\av_fw\Common\FSMA32.EXE
D:\logiciel\Securitoo\av_fw\Common\FSMB32.EXE
D:\logiciel\Securitoo\av_fw\Common\FCH32.EXE
D:\logiciel\Securitoo\av_fw\Common\FAMEH32.EXE
D:\logiciel\Securitoo\av_fw\DFW\Program\fsdfwd.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
D:\logiciel\Securitoo\av_fw\Anti-Virus\fssm32.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\fsav32.exe
D:\logiciel\Securitoo\av_fw\Common\FSM32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\imapi.exe
D:\Logiciel\WinRAR\WinRAR.exe
D:\Logiciel\Firefox Mozilla\firefox.exe
D:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho13.dll
O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll
O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll
O4 - HKLM\..\Run: [MessengerPlus3] "D:\logiciel\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\logiciel\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\logiciel\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKCU\..\Run: [MessengerPlus3] "D:\logiciel\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] d:\Logiciel\Logitech\\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Skype] "D:\logiciel\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Xfire.lnk = D:\Logiciel\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind13.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/ [...] cfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - D:\logiciel\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - D:\logiciel\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - D:\logiciel\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - D:\logiciel\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\fswsclds.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\NORTON~1\GHOSTS~2.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\logiciel\TuneUp Utilities 2004\WinStylerThemeSvc.exe
Merci
Marsh Posté le 13-06-2005 à 14:41:03
que skype plante, c'est normal, ca fait parti du package
le securitoo m'a l'air vachement intrusif
Marsh Posté le 13-06-2005 à 14:53:23
J'ai installer securitoo juste avant mon post. Encore un antivirus de plus qui n'a pas marche. Deja deleted.
Marsh Posté le 13-06-2005 à 15:21:47
Salut,
Pareil pour moi sécuritoo --> exit, dire que j'payais 5/mois
Depuis j'ai avast,largement plus performant, et à vrai dire il n'est pas trop mal, mise à jour régulières et en plus gratos.
Pour l'instant mon pc s'en porte bien.
Marsh Posté le 13-06-2005 à 21:17:59
Re, télécharge:
Ewido
http://www.ewido.net/en/download/
Installe et mets à jour
CWShredder
http://www.intermute.com/spysubtra [...] nload.html
Installe dans un répertoire dédié, ferme toutes les fenêtres et clique sur Fix
Désinstalle via Ajout/Suppression de programmes ces applications si elles sont présentes:
Web Rebates, SideFind, NavHelper
Démarre Hijackthis Do a system scan only, assure toi que la case Make Backups before fixing items est activée et coche les lignes suivantes:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll (file missing)
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho13.dll
O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll
O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind13.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
Ferme toutes les fenêtres, tous les programmes et clique sur Fix checked
Démarre en mode sans échec (F8 ou F5)
Assure toi d'avoir accès à tous les fichiers.
Citation : Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage : |
Supprime les fichiers/dossiers incriminés (s'ils existent encore):
C:\WINDOWS\localNRD.dll
C:\Program Files\SideFind
C:\Program Files\NavExcel Search Toolbar
C:\Program Files\Web_Rebates
Recache les fichiers système afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.
Exécute CCleaner sur chaque session utilisateur
Redémarre normalement, scanne avec Ewido et poste le rapport du scan avec un nouveau rapport Hijackthis pour vérification.
Marsh Posté le 14-06-2005 à 00:04:56
Scan ewido
---------------------------------------------------------
ewido security suite - Rapport de scan
---------------------------------------------------------
+ Créé le: 00:00:45, 14/06/2005
+ Somme de contrôle: 8DAC3577
+ Date des signatures: 13/06/2005
+ Version du moteur de recherche: v3.0
+ Temps: 49 min
+ Fichiers scannés: 174974
+ Vitesse: 58.51 Fichiers/Secondes
+ Fichers infectés: 1
+ Fichiers supprimés: 0
+ Fichiers mis en quarantaine: 0
+ Fichiers ne pouvant pas être ouverts: 0
+ Fichiers ne pouvant pas être nettoyés: 0
+ Liés: Oui
+ Cryptés: Oui
+ Archives: Oui
+ Elements scannés:
C:\
D:\
+ Résultats du scan:
D:\Logiciel\KaZaA Lite\TopSearch.dll -> Spyware.TopSearch -> Ignoré
::Fin du rapport
Scan Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 00:04:07, on 14/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\logiciel\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\logiciel\Securitoo\av_fw\Common\FSM32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger\msmsgs.exe
d:\Logiciel\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\logiciel\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
d:\logiciel\ewido\security suite\ewidoctrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
D:\Logiciel\Xfire\Xfire.exe
d:\logiciel\ewido\security suite\ewidoguard.exe
D:\logiciel\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\logiciel\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
D:\logiciel\Securitoo\av_fw\Anti-Virus\fssm32.exe
D:\logiciel\Securitoo\av_fw\fswsclds.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NORTON~1\GHOSTS~2.EXE
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\svchost.exe
D:\logiciel\Securitoo\av_fw\Common\FSMA32.EXE
D:\logiciel\Securitoo\av_fw\Common\FSMB32.EXE
D:\logiciel\Securitoo\av_fw\Common\FCH32.EXE
D:\logiciel\Securitoo\av_fw\Common\FAMEH32.EXE
D:\logiciel\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wscntfy.exe
D:\logiciel\Securitoo\av_fw\DFW\Program\fsdfwd.exe
C:\WINDOWS\System32\svchost.exe
D:\Logiciel\Firefox Mozilla\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "D:\logiciel\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\logiciel\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\logiciel\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\logiciel\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] d:\Logiciel\Logitech\\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Skype] "D:\logiciel\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Xfire.lnk = D:\Logiciel\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/ [...] cfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {9B27EC28-FBC0-4CFF-A8ED-45655890C50A} - d:\Logiciel\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) - Unknown owner - D:\logiciel\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - d:\logiciel\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - d:\logiciel\ewido\security suite\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - D:\logiciel\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - D:\logiciel\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: fsbwsys - F-Secure Corp. - D:\logiciel\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - D:\logiciel\Securitoo\av_fw\fswsclds.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\NORTON~1\GHOSTS~2.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\logiciel\TuneUp Utilities 2004\WinStylerThemeSvc.exe
thx
Marsh Posté le 14-06-2005 à 00:42:14
Par contre ca n'a rien change, toujours mon ping enorme et lag sur cs (30s a rentrer dans un serveur au lieu de 5)
Marsh Posté le 14-06-2005 à 17:24:28
Bonjour, ton rapport est propre. Deux idées:
Désinstalle Xfire, légitime mais "capte" la connexion internet (ligne 010 du log)
Démarrer> Exécuter> Entre msconfig> Onglet démarrage: décoche au coup par coup et dis ce qu'il en est.
Marsh Posté le 15-06-2005 à 12:26:32
Quels sont les derniers logiciels installés? Tente une restauration système à une date antérieure.
Marsh Posté le 16-06-2005 à 06:54:00
Norton ghost ne touche pas au D: lors d'une restauration ?
Marsh Posté le 16-06-2005 à 07:54:54
c plus rapide de format et reinstall et au moins tu retrouve tes perfs d'origines
partisans du format C: rejoignez moi !
Marsh Posté le 12-06-2005 à 18:11:07
Lu.
J'ai un gros probleme.
Depuis 1 semaine j'ai des plantages windows (avec la fenetre "veuillez signaler ce probleme a microsoft" "Explorer.exe a rencontre un probleme" ) a chaque fois que je clique sur un fichier video (dans un fenetre). Quand je me connecte sur symantec j'ai la meme erreur (mais pas si je me connecte avec firefox) et sous cs j'ai minimum 80 de ping avec des montes aleatoires jusqu'a 500 (normalement j'ai 10 15). Ah oui aussi skype plante et ne veut plus se lance (meme fenetre sauf que ce n'est pas explorer.exe mais skype - free internet telephony).
J'ai regarde dans le processus et j'ai CLI.exe, Apache et ati2evxx en double (depuis eu) et svchost en 7 fois.
Dans le run de regedit aucun programme suspect de repere, j'ai scanne avec tous les antivirus online que j'ai pu trouve, ils n'ont rien trouve sauf une fois au tout debut ou Gaobot a ete detecte.
Hier en netoyant le processus mon ordinateur a eu l'erreur du reboot des 60s comme a l'epoque de blaster (et d'agobot).
Je veux surtout eviter de formater, que faire ?