Se connecter / S'enregistrer
Votre question

Mon PC ne fonctionne plus correctement. Comment le réparer?

Tags :
  • Protocole
  • Dll
  • Windows
  • Logitech
  • Windows Live
  • Desktop
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Mars 2007 19:09:52

bon voila hier j'ai attrapé un virus ou plutot des virus...
trojant en grand nombre 65...kaspersky les a supprimé mais
je ne peut plus faire de copier/coller je n'est plus de barre de tache plus de sons et je peu plus déplacé les fichier
voici mon hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 09:56:35, on 04/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\explorer.exe
G:\Program Files\TuneUp Utilities 2007\RegistryCleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
G:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0EE16FDA-348C-45D5-80BE-1954CD397F2A} - C:\PROGRA~1\MyCash\IEFilter\MyCashIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [MyCash IE Service] C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sheron1991.spaces.msn.com// [...] nPUpld.cab
O16 - DPF: {59514505-D207-11D5-8D11-000102B211C7} (ActiveFormX Contrôle) - http://217.195.22.242/iShop_inject [...] ctiveX.ocx
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 2888994023
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/d [...] utions.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange [...] loader.cab
O18 - Protocol: bw+0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: exalead - {39076C07-7014-41FF-A3CD-841360B1C2EC} - C:\Program Files\Exalead\Exalead Desktop\ExaScheme.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: 3.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: D - Sysinternals - www.sysinternals.com - C:\DOCUME~1\perso\LOCALS~1\Temp\D.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\perso\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

j'ai du l'enregistré sur disquette et le mettre sur mon autre pc pour pouvoir vous le donné aidé moi!!

Autres pages sur : fonctionne correctement reparer

4 Mars 2007 19:12:09

je te prépare des choses...
4 Mars 2007 19:13:50

ok merci^^
Contenus similaires
4 Mars 2007 19:14:04

Tu dois battre un recors la a mon avis :D  moi j'en ai un et je galere ...alors toi !!
Bonne chance comme meme! :D 
4 Mars 2007 19:14:51

mdr merci!!!je galere depuis hier!!!!
4 Mars 2007 19:17:05

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau ici:
http://downloads.andymanchesta.com/RemovalTools/SDFix.e...
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec


* Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:)  et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
* Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
* Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.
4 Mars 2007 19:33:24

je fait tout sa sa riske detre long car je doit transféré le logiciel par le reseau tout sa en tout cas merci pour ton aide :) 
4 Mars 2007 19:38:41

comment ça transférer le logiciel par réseau?
4 Mars 2007 19:42:03

bahh ta vu sur lotre pc je suis assé blocké niveau commande donc voila je suis pas sur le pc infecté alors je télécharge le logiciel sur cette ordinateur et l'envoi sur le bon par msn :) 
4 Mars 2007 19:44:35

le nettoyage vien d'etre lancé :) 
4 Mars 2007 20:00:27

Report.txt


SDFix: Version 1.69

Run by perso - 04/03/2007 @ 19:44:29,74

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:





Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

No Trojan Files Found...




ADS Check:

C:\WINDOWS\system32
No streams found.


Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Nero\\Nero 7\\Core\\nero.exe"="C:\\Program Files\\Nero\\Nero 7\\Core\\nero.exe:*:Enabled:Image Files"
"H:\\Steam\\SteamApps\\piroud.damien@club-internet.fr\\half-life\\hl.exe"="H:\\Steam\\SteamApps\\piroud.damien@club-internet.fr\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"I:\\eMule\\emule.exe"="I:\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\WINDOWS\\system32\\mshta.exe"="C:\\WINDOWS\\system32\\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\\Program Files\\Ratajik Software\\StationRipper\\StationRipperConsole.exe"="C:\\Program Files\\Ratajik Software\\StationRipper\\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
"G:\\Program Files\\HLSW\\hlsw.exe"="G:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW"
"G:\\The All-Seeing Eye\\eye.exe"="G:\\The All-Seeing Eye\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"G:\\Sierra\\Half-Life\\hl.exe"="G:\\Sierra\\Half-Life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Exalead\\Exalead Desktop\\ExaleadDesktop.exe"="C:\\Program Files\\Exalead\\Exalead Desktop\\ExaleadDesktop.exe:*:Enabled:Exalead OneDesktop"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\WINDOWS\\ServicePackFiles\\i386\\iexplore.exe"="C:\\WINDOWS\\ServicePackFiles\\i386\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Game Vindicator\\Game Vindicator\\GameVindicator.exe"="C:\\Program Files\\Game Vindicator\\Game Vindicator\\GameVindicator.exe:*:Enabled:GameVindicator"
"G:\\VisualBoyAdvanceLink.exe"="G:\\VisualBoyAdvanceLink.exe:*:Enabled:VisualBoyAdvance emulator"
"G:\\StubInstaller.exe"="G:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"G:\\Program Files\\Steam\\SteamApps\\andydu123\\counter-strike\\hl.exe"="G:\\Program Files\\Steam\\SteamApps\\andydu123\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"G:\\Program Files\\Steam\\SteamApps\\andydu123\\condition zero\\hl.exe"="G:\\Program Files\\Steam\\SteamApps\\andydu123\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"G:\\Program Files\\Steam\\SteamApps\\sheron91\\half-life\\hl.exe"="G:\\Program Files\\Steam\\SteamApps\\sheron91\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\PeerTV\\PeerCast.exe"="C:\\Program Files\\PeerTV\\PeerCast.exe:*:Enabled:p eerCast"
"G:\\Program Files\\Steam\\SteamApps\\sheron91\\counter-strike\\hl.exe"="G:\\Program Files\\Steam\\SteamApps\\sheron91\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"G:\\Program Files\\iTunes\\iTunes.exe"="G:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"G:\\Program Files\\World of Warcraft\\Repair.exe"="G:\\Program Files\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:p artage de l'application RTC"
"G:\\Program Files\\World of Warcraft\\WoW-2.0.3-frFR-downloader.exe"="G:\\Program Files\\World of Warcraft\\WoW-2.0.3-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe"="G:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe"="G:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe:*:Enabled:Blizzard Downloader"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


Remaining Files:
---------------



Checking For Files with Hidden Attributes :

C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\perso\Local Settings\Temp\~10C.tmp

Add/Remove Programs List:

Ad-Aware SE Personal
AIDA32 v3.93
Azureus
CCleaner (remove only)
Client Hack 1.9.2d
DVD Shrink 3.2
eMule
hex(2):45,00,61,00,72,00,74,00,68,00,27,00,73,00,20,00,53,00,70,\
Wanadoo
Fake Webcam 1.0
Fraps
Google Desktop
Half-Life
HijackThis 1.99.1
hp print screen utility
OpenMG AAC Add-on Module 1.0.00
OpenMG Secure Module 4.5.01
Kaspersky Internet Security 6.0
IWC GameSetup 1.0
Language pack for Ad-Aware SE
Messager Wanadoo
Messenger Plus! Live & Sponsor
Mozilla Firefox (2.0.0.2)
Messenger Plus! 3
MSN NeoWin
MSNServersX
NVIDIA Drivers
OpenMG Limited Patch 4.5-06-05-12-01
PE Builder v3.1.3
PeerTV 0.4.1
PhotoFiltre
PhotoFiltre Studio
Pixia 3.3b
POD-Bot 2.5
Programme de gestion Camera de Logitech
RealPlayer
Revolution Script CS
RivaTuner v2.0 RC 16
SaTstrat (remove only)
Shockwave
Adobe Flash Player 9 ActiveX
SM
Spybot - Search & Destroy 1.4
HLTooLz
HLTooLz (c:\\Program Files\\)
StationRipper 2.30
Steam
Steam(TM)
SuperCopier
The 4th Coming
Total Uninstall 3.61
Total Commander (Remove or Repair)
WebMediaPlayer 1.0
Windows Genuine Advantage Notifications
Windows XP Service Pack 2
WinISO 5.3
Archiveur WinRAR
WinZip
World of Warcraft
Wow Cartographe 1.07
Google Gmail Notifier
CanoScan Toolbox 4.5
hp deskjet 5100
Game Vindicator
Windows Live Sign-in Assistant
Google Toolbar for Internet Explorer
OpenMG AAC Add-on Module 1.0.00
J2SE Runtime Environment 5.0 Update 6
OpenMG Secure Module 4.5.01
Google Earth
Agama
iTunes
Adobe© Photoshop© Album Edition D‚couverte 3.0
QuickTime
O&O Defrag Professional Edition
Cammaestro 4.2GU build 1104.72
Paragon Easy CD-DVD Recorder
Windows Genuine Advantage v1.3.0254.0
DivX Converter
DivX
SpeechRedist
DivX Player
Logitech Desktop Messenger
Microsoft Office Professional Edition 2003
Microsoft Office FrontPage 2003
HDD Regenerator
Microsoft Office OneNote 2003
exalead one:D esktop 4.0 free edition
SonicStage 4.0
Apple Software Update
Nero 7 Demo
Adobe Reader 7.0.9 - Fran‡ais
Adobe Reader 7.0.5 Language Support
DivX Converter
Conquer 2.0
TuneUp Utilities 2007
Microsoft .NET Framework 1.1
Kaspersky Internet Security 6.0
Alcatel SpeedTouch USB Software
Logiciel QuickCam de Logitech
Windows Live Messenger


Finished
------------------------------------------------------------------
hijackthis.log


Logfile of HijackThis v1.99.1
Scan saved at 19:57:50, on 04/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\Demon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\WinZip\WZQKPICK.EXE
G:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0EE16FDA-348C-45D5-80BE-1954CD397F2A} - C:\PROGRA~1\MyCash\IEFilter\MyCashIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [MyCash IE Service] C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sheron1991.spaces.msn.com//PhotoUpload/MsnPUpld....
O16 - DPF: {59514505-D207-11D5-8D11-000102B211C7} (ActiveFormX Contrôle) - http://217.195.22.242/iShop_injector/PDownLoadActiveX.o...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolut...
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/zuma/ober...
O18 - Protocol: bw+0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: exalead - {39076C07-7014-41FF-A3CD-841360B1C2EC} - C:\Program Files\Exalead\Exalead Desktop\ExaScheme.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: 3.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: D - Sysinternals - www.sysinternals.com - C:\DOCUME~1\perso\LOCALS~1\Temp\D.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\perso\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

4 Mars 2007 20:06:55

re,
Webmediaplayer est un faux utilitaire!!!
Télcharge sur ton bureau RogueRemover de RubbeR DuckY : http://www.malwarebytes.org/RogueRemover.zip

* Cr le dossier C:\RogueRemover pour cela :
-- Ouvre le poste de travail
-- Ouvre le disque C
-- Clic sur le menu Fichier puis Nouveau puis Nouveau Dossier
-- Nomme-le RogueRemover
Dcompresse RogueRemover.zip dans C:\RogueRemove
- Rends-toi dans le dossier C:\RogueRemoveet double-clic sur le fichier RogueRemover.exe.
* Clic sur le bouton Scan et laisse toi guider.
* Lorsque le scan est terminé.
* Clic sur le bouton Save Log Files en bas, un fichier texte de type RRLogs1236.txt sera créé dans le dossier C:\RogueRemover.

Télécharge Navilog1.zip (Il Mafioso) ici:
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistre-le sur ton Bureau.
Dézippe le contenu de l'archive en faisant un Clique droit sur Navilog1.zip puis en choisissant Tout Extraire.

Double clique sur Navilog1.bat.
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

NOTE : Le rapport se trouve également ici : C:\fixnavi.txt

Récapitulation: rapport rogueremover + navilog
4 Mars 2007 20:10:10

ok je vous prévien quand j'ai fai tout sa^^
4 Mars 2007 20:35:16

désolé j'ai eu un prob
j'ai du relancé navilog
4 Mars 2007 20:43:21

RogueRemover ne ma pas demandé de faire un log car il a rien detecté :) 

navilog :

Search Navipromo version 1.0.5 commencé le 04/03/2007 à 20:34:20,16

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis A:\
Mise a jour le 03.03.2007 a 23h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***


WebMediaPlayer 1.0


*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***


C:\Program Files\WebMediaPlayer trouvé !


*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\perso\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1055.

[+] Started on 03/04/07 at 20:34:28.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .....................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 03/04/07 at 20:39:49 (return code = 0).


*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche cles registre ***


Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-1606980848-1682526488-1708537768-1003\Software\Lanconfig trouvé !


*** Module de recherche complémentaire ***
(recherche fichiers spécifiques)

1)Recherche nouveaux fichiers connus:

2)Recherche Heuristique :
*
C:\WINDOWS\system32\fhydzin.dat
**
C:\WINDOWS\system32\fhydzin.dat
***
****
C:\WINDOWS\system32\fhydzin_navps.dat


*** Analyse Terminé le 04/03/2007 à 20:40:48,93 ***
4 Mars 2007 21:17:42

C'est bien une infection Egdaccess
Désinstalle si possible:
WebMediaPlayer
Redémarre en mode sans échec

Double clique sur Navilog1.bat.
Suis les instructions. Choisis ensuitel'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.

Ton bureau va disparaître, c'est normal !

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver en mode normal.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
Redémarre normalement puis poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.

Ferme Internet Explorer puis Démarrer/Panneau de Configuration/Options Internet.
Choisis l'onglet Contenu puis onglet Certificats.
Si tu trouves les programmes suivant (en particulier dans Editeurs approuvés), supprime-les :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
4 Mars 2007 21:20:40

webmediaplayer c'est par ajouter/supr si oui j'y est pas accé
je redemarre quand meme en mode sans echec?
et je suis la procédure?
4 Mars 2007 21:46:31

continue le reste de la procédure ;) 
4 Mars 2007 21:52:16

ook :)  je redemarre le pc je fiat un teste hijjacktihs et je t'envoi sa :) 
4 Mars 2007 21:59:10

nav:
Clean Navipromo version 1.0.5 commencé le 04/03/2007 à 21:47:46,61

Fix lancé depuis A:\
Mise a jour le 03.03.2007 a 23h00 by IL-MAFIOSO

Executé en mode sans echec

Mode suppression automatique avec prise en charge résultats Blacklight


*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)


*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***

C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\perso\Application Data ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\perso\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalisée avec succès !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***

1)Recherche/Suppressions nouveaux fichiers connus:

2)Recherche Heuristique (Fichiers à supprimer si nécéssaire):
*
C:\WINDOWS\system32\fhydzin.dat
**
C:\WINDOWS\system32\fhydzin.dat
***
****
C:\WINDOWS\system32\fhydzin_navps.dat

*** Nettoyage termine le 04/03/2007 à 21:48:30,91 ***

---------------------------------------------------------------------


hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 21:55:52, on 04/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\Demon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
G:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0EE16FDA-348C-45D5-80BE-1954CD397F2A} - C:\PROGRA~1\MyCash\IEFilter\MyCashIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [MyCash IE Service] C:\Program Files\MyCash\IEFilter\MyCashIESvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sheron1991.spaces.msn.com//PhotoUpload/MsnPUpld....
O16 - DPF: {59514505-D207-11D5-8D11-000102B211C7} (ActiveFormX Contrôle) - http://217.195.22.242/iShop_injector/PDownLoadActiveX.o...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolut...
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/zuma/ober...
O18 - Protocol: bw+0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: exalead - {39076C07-7014-41FF-A3CD-841360B1C2EC} - C:\Program Files\Exalead\Exalead Desktop\ExaScheme.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {52A6CF1E-0604-46F4-9220-6FBEF137BDA9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: 3.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: D - Unknown owner - C:\DOCUME~1\perso\LOCALS~1\Temp\D.exe (file missing)
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\perso\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

4 Mars 2007 22:08:46

c'est mieux ;) 
Tu n'auras pas accès à Internet pendant la partie de la procédure qui reste. Enregistre cette page pour pouvoir la consulter hors-connexion : Fichier > Enregistrer sous ...
Dans "Type", choisis "Page Web, complète" et donne-lui un nom.

Télécharge AVG antispyware 7.5 (version d'évaluation) ici:
http://www.ewido.net/en/download/


* Lance AVG et clique sur "Mise à jour" dans la barre d'outils.
* Sous "Mise à jour manuelle" clique sur "Commencer la mise à jour".
* Une fois la mise à jour terminée, ferme AVG. Ne le lance pas tout de suite.


Télécharge et installe CCleaner ici:
http://www.ccleaner.com/download/builds.aspx



Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :


* Redémarre ton ordinateur.
* Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
* A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
* Choisis la première option pour exécuter Windows en mode sans échec, puis appuie sur "[Entrée]".
* Choisis ton compte.


Lance Ccleaner,
clique sur la touche "Analyse", puis sur le bouton "Lancer le nettoyage".
A la fin du nettoyage clique sur le bouton "Erreurs" et repare les erreurs.

Relance AVG Antispyware 7.5


* Clique sur "Analyse" dans la barre d'outils puis sur "Paramètres".
* Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine".
* Reclique sur "Analyse" puis sur "Analyse complète du système". Le scan peut durer, sois patient.
* AVG affichera une liste des fichiers détectés, sur la gauche.
* Si un fichier infecté est détecté en fin d'analyse, clique sur le bouton "Appliquer toutes les actions".
* AVG affichera "Toutes les actions ont été appliquées", à droite.
* Clique sur "Enregistrer le rapport", puis "Enregistrer le rapport sous". Ceci génère un rapport en fichier texte.
* Sauvegarde ce rapport dans un endroit sûr (sur ton Bureau, par exemple).


Redémarre en mode normal.

Poste le rapport AVG antispyware.
4 Mars 2007 23:19:35

je repond depuis un autre pc avg scanne encor il en a pour la nuit je pense si tu peux on reprend le travail demain vers 20h
4 Mars 2007 23:25:10

en tout cas merci pour tout
petetre a demain pour finire le travail ce serait génial
encore merci!!!car sans toi j'aurais pas pu faire tout sa!!
5 Mars 2007 16:53:39

rapport AVG :

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:47:33 05/03/2007

+ Résultat de l'analyse:



C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\nk hack\nk hack.dll -> Adware.StartPage : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\nk hack\nk hack.exe -> Adware.StartPage : Nettoyé et sauvegardé (mise en quarantaine).
H:\nk hack57.zip/nk hack.dll -> Adware.StartPage : Nettoyé et sauvegardé (mise en quarantaine).
H:\nk hack57.zip/nk hack.exe -> Adware.StartPage : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\CnH\gear.zip/Win2000/³ÝÂÖNT.exe -> Backdoor.Trojan : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\Cnwh 1.75.zip/CnH/gear.zip/Win2000/³ÝÂÖNT.exe -> Backdoor.Trojan : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\tools\util\data_recovery\Patch fr.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Administrateur\Cookies\administrateur@atdmt[1].txt -> TrackingCookie.Atdmt : Marqué en vue d'être supprimé au redémarrageErreur inconnue
C:\Documents and Settings\Administrateur\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Marqué en vue d'être supprimé au redémarrageErreur inconnue
C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\CnH\gear.zip/98_Me/±äËÙ³ÝÂÖ.exe -> Trojan.Agent : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\FRoG 0.3.1\Cnwh 1.75.zip/CnH/gear.zip/98_Me/±äËÙ³ÝÂÖ.exe -> Trojan.Agent : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\Nouveau dossier\EcstaticCheat\EcstaticCheat.exe -> Trojan.Agent.bbx : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\perso\Bureau\Nouveau dossier (2)\Mic_Cheat_v2\Mic (MsDos).exe -> Trojan.Mygot : Nettoyé et sauvegardé (mise en quarantaine).
G:\fd psft\CS-HACKED.COM-Simple-FFX-by-zh4r0naX.rar/Simple FFX\SimpleFFX.exe -> Trojan.Mygot : Nettoyé et sauvegardé (mise en quarantaine).
H:\CS-HACKED.COM-Mic_Cheat_v2.rar/Mic_Cheat_v2\Mic (MsDos).exe -> Trojan.Mygot : Nettoyé et sauvegardé (mise en quarantaine).
H:\Pain ESP v1.1.zip/Pain ESP.exe -> Trojan.Mygot : Nettoyé et sauvegardé (mise en quarantaine).
H:\Pain ESP.exe -> Trojan.Mygot : Nettoyé et sauvegardé (mise en quarantaine).
5 Mars 2007 17:43:11

c'est bon
autres problèmes?
5 Mars 2007 18:50:54

bah oui toujours pas de barre des taches de sons et je ne peu pas faire de transfere de fichiers :s
5 Mars 2007 18:51:43

???
Télécharge Clean.zip (de Malekal) ici:
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
5 Mars 2007 19:05:55

mon antivirus me dit que pskill.exe (ds le fichier que tu ma dit de prendre est un virus mais je pense que c'est normal alors je ne le suprime pas^^)
Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 05/03/2007 a 19:01:15,91

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

"C:\Program Files\Adverts\" FOUND
"C:\Program Files\GameHouse\" FOUND
*** Fin du rapport !
5 Mars 2007 19:07:48

re,
ce n'est pas un virus ;) 
l'antivirus le détecte comme un risque, t'en fais pas...
mais l'important c'est que de ce que je vois ça va en mieux :) 

Redémarre en mode sans échec

Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.

Redémarre normalement

- Poste le rapport clean : C:\rapport_clean.txt
5 Mars 2007 19:21:53

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 05/03/2007 a 19:15:44,11

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

tentative de suppression de "C:\Program Files\Adverts\"
tentative de suppression de "C:\Program Files\GameHouse\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
5 Mars 2007 19:53:58

Tu n'auras pas accès à Internet pendant la partie de la procédure qui reste. Enregistre cette page pour pouvoir la consulter hors-connexion : Fichier > Enregistrer sous ...
Dans "Type", choisis "Page Web, complète" et donne-lui un nom.

Télécharge AVG antispyware 7.5 (version d'évaluation) ici:
http://www.ewido.net/en/download/


* Lance AVG et clique sur "Mise à jour" dans la barre d'outils.
* Sous "Mise à jour manuelle" clique sur "Commencer la mise à jour".
* Une fois la mise à jour terminée, ferme AVG. Ne le lance pas tout de suite.


Télécharge et installe CCleaner ici:
http://www.ccleaner.com/download/builds.aspx



Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :


* Redémarre ton ordinateur.
* Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
* A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
* Choisis la première option pour exécuter Windows en mode sans échec, puis appuie sur "[Entrée]".
* Choisis ton compte.


Lance Ccleaner,
clique sur la touche "Analyse", puis sur le bouton "Lancer le nettoyage".
A la fin du nettoyage clique sur le bouton "Erreurs" et repare les erreurs.

Relance AVG Antispyware 7.5


* Clique sur "Analyse" dans la barre d'outils puis sur "Paramètres".
* Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine".
* Reclique sur "Analyse" puis sur "Analyse complète du système". Le scan peut durer, sois patient.
* AVG affichera une liste des fichiers détectés, sur la gauche.
* Si un fichier infecté est détecté en fin d'analyse, clique sur le bouton "Appliquer toutes les actions".
* AVG affichera "Toutes les actions ont été appliquées", à droite.
* Clique sur "Enregistrer le rapport", puis "Enregistrer le rapport sous". Ceci génère un rapport en fichier texte.
* Sauvegarde ce rapport dans un endroit sûr (sur ton Bureau, par exemple).


Redémarre en mode normal.

Poste le rapport AVG antispyware.
5 Mars 2007 20:00:16

on a deja fait sa :) 
j'ai récupéré ma barre des tache maintenan les probleme sont que je peut pas déplacé les fichiers ni copier/collé
quand je veut ouvrire windows média player il me dit "impossible d'éffectuer l'opération , mémoire insufisante
les icone bureau sont comme figé mes il fontionne quand meme
copier/collé marche pas
impossible de transferé un dossier du bureau vers une de mes disque dure ou de mon disque dur vers le bureu
5 Mars 2007 20:53:17

nouveau problemme la barre des taches est apparante mais inactife si tu prefere elle ne montre pas si j'ai des page ouverte
5 Mars 2007 22:33:37

on essaie encore un dernier essai
Telecharge Blacklight ici:
http://www.01net.com/outils/telecharger/windows/Securit...

Puis clique sur "I ACCEPT" en bas de la page et clique sur le premier "Download" et sauvegarde le sur ton bureau.

clique sur "blbeta.exe" et accepte la license puis clique sur "Scan" et par la suite "Next" et a la fin du scan surtout ne touche a rien.

Tu verra un raport sur ton bureau nomer "fsbl.xxxxxxx.log" ( les X étant des chiffres)
Poste le rapport pour pouvoir l'analyser.
6 Mars 2007 15:33:13

désolée j'ai pas pu répondre avant
le scan avec Blacklight et en cour:) 
6 Mars 2007 15:39:20

03/06/07 15:31:17 [Info]: BlackLight Engine 1.0.55 initialized
03/06/07 15:31:17 [Info]: OS: 5.1 build 2600 (Service Pack 2)
03/06/07 15:31:18 [Note]: 7019 4
03/06/07 15:31:18 [Note]: 7005 0
03/06/07 15:31:25 [Note]: 7006 0
03/06/07 15:31:25 [Note]: 7011 4008
03/06/07 15:31:27 [Note]: 7026 0
03/06/07 15:31:28 [Note]: 7026 0
03/06/07 15:32:29 [Note]: FSRAW library version 1.7.1021
03/06/07 15:32:29 [Note]: 2000 1012
03/06/07 15:32:29 [Note]: 2000 1012
6 Mars 2007 18:56:27

j'y arrive plus...
je consulte un pro
6 Mars 2007 19:15:02

reposte un nouveau hijackthis
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS