Big problem: multiple trojans and spyware

Solved
Chiktika -  
 ^^Marie^^ -
Hello, can someone help me? I can't get out of this on my own. Even though I use an antivirus (PC-cillin and ewido), as well as Spybot and Microsoft AntiSpyware, my computer is infested with a few stubborn spyware programs that I can't get rid of: among others look2me, virtumonde and trojandownloaderAget.Yf

What should I do?? Browsing the internet has become impossible.

Thanks in advance to whoever gets me out of this!!!

33 replies

Anonymous user
 
Hi,
download HijackThis here:
http://www.hijackthis.de/downloads/hijackthis_199.zip

Unzip it into a folder created for that purpose.
For example C:\hijackthis < Make sure you save it on C: !
Launch it, then:
click "do a system scan and save logfile" (see demo)
copy and paste the entire log to the forum

Demo: (thanks to balltrap34 for making it)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Good luck

See you
0
Chiktika
 
Logfile of HijackThis v1.99.1
Scan saved at 22:34:03, on 01/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Avast4\aswUpdSv.exe
F:\Program Files\Avast4\ashServ.exe
F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
F:\WINDOWS\System32\CTsvcCDA.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\WINDOWS\windat.exe
F:\WINDOWS\system32\cmd.exe
F:\WINDOWS\system32\ftp.exe
F:\WINDOWS\cytob.exe
F:\WINDOWS\system32\wincntrl.exe
F:\Program Files\Logitech\MouseWare\System\em_exec.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Avast4\ashMaiSv.exe
F:\Program Files\Avast4\ashWebSv.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\System32\cbaxx.dll
O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Intel Service Drivers] msconfig16.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft messenger] msnger.exe
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\RunServices: [Intel Service Drivers] msconfig16.exe
O4 - HKLM\..\RunServices: [Microsoft messenger] msnger.exe
O4 - HKCU\..\Run: [Intel Service Drivers] msconfig16.exe
O4 - HKCU\..\Run: [Microsoft messenger] msnger.exe
O4 - HKCU\..\RunServices: [Intel Service Drivers] msconfig16.exe
O4 - HKCU\..\RunServices: [Microsoft messenger] msnger.exe
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
O8 - Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?2f81a745897e440c9f2a595a7d8758d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?2f81a745897e440c9f2a595a7d8758d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {65E54F1B-545F-486A-B33A-39EB01425FD0} - (no file)
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll
O20 - Winlogon Notify: khffd - F:\WINDOWS\
O20 - Winlogon Notify: WebCheck - F:\WINDOWS\system32\en4sl1h71.dll
O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll
O23 - Service: aim.ex - Unknown owner - F:\WINDOWS\iexplorer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Intranet Service (IntranetService) - Unknown owner - intranet.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - F:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: System Manager Service (SMSC) - Unknown owner - F:\WINDOWS\smsc.exe (file missing)
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Windows Archiver (winarc) - Unknown owner - F:\WINDOWS\windat.exe
O23 - Service: WindowsSysBoot - Unknown owner - F:\WINDOWS\cytob.exe
O23 - Service: MS Dns Service (WinNet) - Unknown owner - F:\WINDOWS\system32\wincntrl.exe
0
Anonymous user
 
Hi,

Print this, or save it in Notepad, so you don't forget anything.

Disable System Restore
Right-click My Computer > Properties > System Restore tab
then tick "Turn off System Restore".

and reboot the PC normally (not in safe mode)

1/

download: process xp here:
http://www.sysinternals.com/files/procexpnt.zip

Download: Pocket Killbox here
http://www.downloads.subratam.org/KillBox.exe

:: Usage demo (thanks to Balltrap34 for making it) ::
http://pageperso.aol.fr/balltrap34/killbox.htm

**

2/

Disconnect from the internet.
Close all running programs (media player, Internet Explorer, etc.)

Unzip (right-click > extract) process xp and double-click processxp.exe

* In the main processxp window, double-click winlogon.exe
In the new window that opens, click threads
select only the lines that contain wvwur.dll, then click kill for each of the lines found.
once done, confirm with ok

* In the main processxp window, double-click explorer.exe
In the new window that opens, click threads
select only the lines that contain wvwur.dll, then click kill for each of the lines found.
once done, confirm with ok

3/

then launch HijackThis:

click "do a system scan only"

* Tick the box at the start of these lines:

O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\System32\cbaxx.dll

O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll

O4 - HKLM\..\Run: [Intel Service Drivers] msconfig16.exe

O4 - HKLM\..\Run: [Microsoft messenger] msnger.exe

O4 - HKLM\..\RunServices: [Intel Service Drivers] msconfig16.exe

O4 - HKLM\..\RunServices: [Microsoft messenger] msnger.exe

O4 - HKCU\..\Run: [Intel Service Drivers] msconfig16.exe

O4 - HKCU\..\Run: [Microsoft messenger] msnger.exe

O4 - HKCU\..\RunServices: [Intel Service Drivers] msconfig16.exe

O4 - HKCU\..\RunServices: [Microsoft messenger] msnger.exe

O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?

O18 - Filter: text/html - {65E54F1B-545F-486A-B33A-39EB01425FD0} - (no file)

O19 - User stylesheet: (file missing)

O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll

O20 - Winlogon Notify: khffd - F:\WINDOWS\

O20 - Winlogon Notify: WebCheck - F:\WINDOWS\system32\en4sl1h71.dll

O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll

O23 - Service: aim.ex - Unknown owner - F:\WINDOWS\iexplorer.exe (file missing)

O23 - Service: Intranet Service (IntranetService) - Unknown owner - intranet.exe (file missing)

O23 - Service: System Manager Service (SMSC) - Unknown owner - F:\WINDOWS\smsc.exe (file missing)

O23 - Service: Windows Archiver (winarc) - Unknown owner - F:\WINDOWS\windat.exe

O23 - Service: WindowsSysBoot - Unknown owner - F:\WINDOWS\cytob.exe

O23 - Service: MS Dns Service (WinNet) - Unknown owner - F:\WINDOWS\system32\wincntrl.exe

* Confirm with fix checked

search for and delete the following

msconfig16.exe
msnger.exe
F:\WINDOWS\iexplorer.exe
intranet.exe
F:\WINDOWS\windat.exe
F:\WINDOWS\cytob.exe
F:\WINDOWS\system32\wincntrl.exe

----------------------------------------------------------------------------
¤ Stop these services:

Click Start -> Run -> type: services.msc

Double-click: Service: aim.ex

Set it to "Stopped" and "Disabled".

Do the same with these:

Intranet Service
System Manager Service
Windows Archiver
WindowsSysBoot
MS Dns Service (WinNet)
----------------------------------------------------------------------------

5/

Double-click killbox.exe (Pocket Killbox)

- tick: delete on reboot
- In "Full Path of File to Delete"
copy and paste:

F:\WINDOWS\System32\wvwur.dll

- click the red cross
- a window will appear asking for confirmation, click YES
- a second window asks whether you want to restart, click YES

Let the PC restart.
And afterwards post a new HijackThis log.

See you
0
Chiktika
 
Good evening again, I did as you said; however, I could not find and delete:
F:\WINDOWS\iexplorer.exe
intranet.exe
F:\WINDOWS\windat.exe
F:\WINDOWS\system32\wincntrl.exe

and I could not delete F:\WINDOWS\System32\wvwur.dll

here is the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 00:32:15, on 02/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Avast4\aswUpdSv.exe
F:\Program Files\Avast4\ashServ.exe
F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
F:\WINDOWS\System32\whkwi.exe
F:\WINDOWS\System32\CTsvcCDA.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\WINDOWS\system32\cmd.exe
F:\Program Files\Avast4\ashMaiSv.exe
F:\WINDOWS\system32\ftp.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe
F:\Program Files\Avast4\ashWebSv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TSC.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\system32\cbaxx.dll
O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [Microsoft Updote] whkwi.exe
O4 - HKLM\..\RunServices: [Microsoft Updote] whkwi.exe
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O8 - Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?2f81a745897e440c9f2a595a7d8758d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?2f81a745897e440c9f2a595a7d8758d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll
O20 - Winlogon Notify: RunOnceEx - F:\WINDOWS\system32\enr8l19u1.dll
O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - F:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Thanks for your patience.
0
Anonymous user
 
Hi again
Download l2mfix here:

http://www.downloads.subratam.org/l2mfix.exe

Double-click l2mfix.exe to start the extraction.
In the l2mfix folder, double-click l2mfix.bat, press any key, then choose option #1 (and nothing else) and confirm with the Enter key.
Notepad will open with the scan result.
Copy and paste the result here.

See you tomorrow, kisses
See you
0
Chiktika
 
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbaxx]
"Asynchronous"=dword:00000001
"DllName"="cbaxx.dll"
"Impersonate"=dword:00000000
"Logon"="Logon"
"Logoff"="Logoff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnceEx]
"Asynchronous"=dword:00000000
"DllName"="F:\\WINDOWS\\system32\\enr8l19u1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvwur]
"Asynchronous"=dword:00000001
"DllName"="F:\\WINDOWS\\System32\\wvwur.dll"
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access AUTORITE NT\SYSTEM
(IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE


**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{725D6E80-130C-87C1-A4F7-14D07FAA9940}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propriétés du fichier multimédia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de sécurité NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propriétés de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Écran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de sécurité DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilité"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de données endommagées de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets réseau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'écran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension icône HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de sécurité des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions réseau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions réseau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extension de l'interpréteur de commande pour Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de données Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tâches planifiées"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tâches et menu Démarrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Exécuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier électronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="État du téléchargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau étendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augmenté"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet intégré de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Boîte d'entrée de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalisée MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrès auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Paramètres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de démarrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Énumérateur d'applications installées"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de résumé (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identité Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaîne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaîne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{57C51AF9-DEF7-11D3-A801-00C04F163490}"="Ghost Shell Extension"
"{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{65756541-C65C-11CD-0000-4B656E696100}"="Panda Antivirus"
"{780BCB64-0CAF-473c-A9FC-E08C03D75515}"="Matroska Shell Extension, Properties Page CLSID"
"{78DC191E-EFC1-4532-9A71-224577A86A7D}"="Matroska Shell Extension, Thumbnail Handler CLSID"
"{794D04CA-70AC-4020-80EB-FFD59DEF8027}"="Matroska Shell Extension, Tooltip Provider CLSID"
"{789111D8-68A3-46a3-9663-145A3FF4C9C9}"="Matroska Shell Extension, ContextMenu CLSID"
"{781395AF-A127-469f-A06F-59B482AF4F3F}"="Matroska Shell Extension, Column Provider CLSID"
"{79BC0345-1015-11D2-A299-006008312725}"="blue.shell"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{B446400D-0030-457b-8F64-422A19605186}"="Logitech Gallery"
"{472083B0-C522-11CF-8763-00608CC02F24}"="avast"
"{63542C48-9552-494A-84F7-73AA6A7C99C1}"="OpenOffice Property Sheet Handler"
"{0AC6C6C5-F7A8-11D2-BEF4-00C04F990001}"="Macromedia FTP & RDS"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}"="My Logitech Pictures"
"{17089F83-4D23-4CC0-9496-53AF9ADC526F}"=""
"{684C994D-37A5-449B-8A08-20ECC54ADAED}"=""
"{177C8E85-3499-4D47-BBC6-6A9D758FEEB1}"=""
"{88EF9757-814B-4488-8062-D0FE342E863F}"=""
"{13E7F612-F261-4391-BEA2-39DF4F3FA311}"="Windows Desktop Search"
"{97090E2F-3062-4459-855B-014F0D3CDBB1}"="MSN Deskbar"
"{48F45200-91E6-11CE-8A4F-0080C81A28D4}"="TMD Shell Extension"
"{771A9DA0-731A-11CE-993C-00AA004ADB6C}"="VBPropSheet"
"{96DACD3B-B03A-4526-AF3E-6A65ED85CE49}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D426CFD0-87FC-4906-98D9-A23F5D515D61}]
@="MSN Desktop Search Outlook Express ISearchFolder Class"

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{17089F83-4D23-4CC0-9496-53AF9ADC526F}]
@=""
"IDEx"="ADDR"

[HKEY_CLASSES_ROOT\CLSID\{17089F83-4D23-4CC0-9496-53AF9ADC526F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{17089F83-4D23-4CC0-9496-53AF9ADC526F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{17089F83-4D23-4CC0-9496-53AF9ADC526F}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{177C8E85-3499-4D47-BBC6-6A9D758FEEB1}]
@=""
"IDEx"="AD"

[HKEY_CLASSES_ROOT\CLSID\{177C8E85-3499-4D47-BBC6-6A9D758FEEB1}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{177C8E85-3499-4D47-BBC6-6A9D758FEEB1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{177C8E85-3499-4D47-BBC6-6A9D758FEEB1}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{96DACD3B-B03A-4526-AF3E-6A65ED85CE49}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{96DACD3B-B03A-4526-AF3E-6A65ED85CE49}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{96DACD3B-B03A-4526-AF3E-6A65ED85CE49}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{96DACD3B-B03A-4526-AF3E-6A65ED85CE49}\InprocServer32]
@="F:\\WINDOWS\\system32\\ueerenv.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:
Locate .tmp files:
Directory Listing of system files:
Le volume dans le lecteur F n'a pas de nom.
Le numéro de série du volume est 28CD-EBE6

Répertoire de F:\WINDOWS\System32

02/11/2005 00:40 185 679 ruwvw.ini
02/11/2005 00:30 234 193 ueerenv.dll
02/11/2005 00:30 235 538 ir4ol5h31.dll
02/11/2005 00:20 235 263 j0p0la7m1d.dll
01/11/2005 23:50 234 272 lvp0097me.dll
01/11/2005 23:35 235 659 dllayx.dll
01/11/2005 23:35 234 193 enr8l19u1.dll
01/11/2005 22:58 189 952 whkwi.exe
01/11/2005 22:56 235 509 enrol1931.dll
01/11/2005 22:46 234 752 l4l60e3seh.dll
01/11/2005 22:27 235 063 hr4u05h9e.dll
01/11/2005 20:16 235 569 enn4l15q1.dll
31/10/2005 18:33 180 844 ruwvw.bak1
29/10/2005 17:33 180 844 ruwvw.bak2
29/10/2005 14:58 236 032 wincntrl.exe
28/10/2005 10:34 174 651 dffhk.ini
28/10/2005 09:21 175 944 dffhk.bak1
19/10/2005 11:07 <REP> dllcache
02/06/2005 17:27 1 890 KGyGaAvL.sys
27/04/2004 17:38 <REP> Microsoft
11/01/2004 11:16 32 {7DB2476F-C91B-4C46-896C-583464AE1325}.dat
11/01/2004 11:15 32 {66A3443B-B25A-4CF6-999E-BE144264BD48}.dat
11/01/2004 11:15 32 {84C35323-0607-4AD5-B514-35F49C0B5B91}.dat
11/01/2004 11:13 32 {CD6C43A1-7017-4896-872D-080E4A3479C1}.dat
11/01/2004 11:13 32 {EAA976E1-6E3E-44B0-8E4A-8662D824270E}.dat
11/01/2004 11:13 32 {08BD0C93-BC33-4D9C-9CB1-1F5770CF1F31}.dat
24 fichier(s) 3 676 039 octets
2 Rép(s) 4 357 496 832 octets libres


Thank you very much, good night.
See you tomorrow, kisses.
0
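The Winlogon/notify section of the l2mfix log above contains three packages (cbaxx, RunOnceEx, wvwur) that HijackThis also lists as O20 entries. The following is an added example, not part of the original thread or of l2mfix: a Python parser for that kind of .reg export which decodes `hex(2)` values and flags any notification package whose DLL is outside a baseline. The function names and the baseline set are assumptions made for this example.

```python
import re

NOTIFY_ROOT = (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT"
               r"\CurrentVersion\Winlogon\Notify")

# Assumption for this example: DLLs of the stock Windows XP notification
# packages seen in the log above. A real baseline should come from a
# known-clean machine of the same build.
BASELINE_DLLS = {"crypt32.dll", "cryptnet.dll", "cscdll.dll",
                 "sclgntfy.dll", "wlnotify.dll"}

# Abridged excerpt of the "Winlogon/notify" section of the log above.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbaxx]
"Asynchronous"=dword:00000001
"DllName"="cbaxx.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnceEx]
"DllName"="F:\\WINDOWS\\system32\\enr8l19u1.dll"
"Logon"="WinLogon"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Logon"="SensLogonEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvwur]
"DllName"="F:\\WINDOWS\\System32\\wvwur.dll"
"Startup"="SysLogon"
'''


def decode_value(raw):
    """Decode the right-hand side of one .reg value line."""
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        # REG_SZ: undo the \\ and \" escaping used by regedit exports.
        return re.sub(r"\\(.)", r"\1", raw[1:-1])
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"hex\((?:1|2|7)\):(.*)$", raw)
    if m:
        # String types exported as comma-separated UTF-16LE bytes.
        data = bytes(int(b, 16) for b in m.group(1).split(",") if b.strip())
        return data.decode("utf-16-le").rstrip("\x00")
    return raw


def parse_reg(text):
    """Return {key_path: {lowercased_value_name: decoded_value}}."""
    # A trailing backslash continues a hex value on the next line.
    text = re.sub(r"\\\r?\n\s*", "", text)
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and line.startswith('"'):
            m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
            if m:
                # Lowercase the name: the log uses both DllName and DLLName.
                current[m.group(1).lower()] = decode_value(m.group(2))
    return keys


def unexpected_notify_packages(text, baseline=BASELINE_DLLS):
    """List (subkey, dll) pairs whose DLL file name is not in the baseline.

    Matching on the file name alone is a triage aid only: a DLL that reuses
    a baseline name from another directory would not be flagged.
    """
    prefix = NOTIFY_ROOT.lower() + "\\"
    findings = []
    for key, values in parse_reg(text).items():
        dll = values.get("dllname")
        if not key.lower().startswith(prefix) or not isinstance(dll, str):
            continue
        if re.split(r"[\\/]", dll)[-1].lower() not in baseline:
            findings.append((key[len(prefix):], dll))
    return findings


if __name__ == "__main__":
    for subkey, dll in unexpected_notify_packages(SAMPLE_REG):
        print(f"non-baseline Winlogon Notify package: {subkey} -> {dll}")
```
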
Anonymous user
 
Hi
Sleep well?
Please post a new HijackThis log

See you
0
Chiktika
 
Didn't sleep well, not enough sleep ;))) and the computer nearly failed to restart at all!!!
Here is this morning's HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 10:24:54, on 02/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Avast4\aswUpdSv.exe
F:\Program Files\Avast4\ashServ.exe
F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
F:\WINDOWS\System32\whkwi.exe
F:\WINDOWS\System32\CTsvcCDA.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Avast4\ashMaiSv.exe
F:\WINDOWS\system32\cmd.exe
F:\WINDOWS\system32\ftp.exe
F:\Program Files\Avast4\ashWebSv.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TSC.EXE
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\system32\cbaxx.dll
O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [Microsoft Updote] whkwi.exe
O4 - HKLM\..\RunServices: [Microsoft Updote] whkwi.exe
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O8 - Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?2f81a745897e440c9f2a595a7d8758d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?2f81a745897e440c9f2a595a7d8758d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll
O20 - Winlogon Notify: RunOnceEx - F:\WINDOWS\system32\ir4ol5h31.dll
O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - F:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
0

Anonymous user
 
Hello,

Method to follow, in order...
----------------------------------------------------------------------------
¤ Download these programs, but do not use them right away:

1/

Spybot S&D 1.4 << new version.
http://www.safer-networking.org/fr/index.html

Usage demo (thanks to Balltrap34 for making it).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

2/

Ad-Aware SE 1.06 << new version.
http://www.lavasoftusa.com/software/adaware/
- A guide:
http://www.tutopat.com/viewtopic.php?t=1191
- Install the French language patch, you can find it here:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
and a short usage video here: (thanks to Moe31 for making it).
http://pageperso.aol.fr/balltrap34/adawrevid.asf
----------------------------------------------------------------------------
¤ Disable System Restore (only if you are on XP):
Right-click My Computer, then
Properties, click the System Restore tab,
tick the "Turn off System Restore" box and apply.
----------------------------------------------------------------------------
¤ Show all files and folders:
Click Start / Control Panel / Tools / Folder Options / View

Tick "Show hidden files and folders"

Untick the "Hide protected operating system files (Recommended)" box

Untick "Hide extensions for known file types"
Then click "OK" to confirm the changes.

And apply!
----------------------------------------------------------------------------
¤ Empty your temp files and Temporary Internet Files:

:: Delete the temporary files ::
empty the entire contents of these folders.

* C:\Documents and Settings\your account\Local Settings\Temp
* C:\Documents and Settings\all the other accounts\Local Settings\Temp
* C:\Windows\Temp

:: The contents of the Prefetch folder ::

* C:\WINDOWS\Prefetch <= except the layout.ini file

* Don't forget to empty the Recycle Bin!
----------------------------------------------------------------------------
¤ Run HijackThis again, tick the boxes in front of these lines, then click "fix checked":

O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\system32\cbaxx.dll

O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll

O4 - HKLM\..\Run: [Microsoft Updote] whkwi.exe

O4 - HKLM\..\RunServices: [Microsoft Updote] whkwi.exe

O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll

O20 - Winlogon Notify: RunOnceEx - F:\WINDOWS\system32\ir4ol5h31.dll

O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll
----------------------------------------------------------------------------
¤ Start in safe mode:
To do that, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrows to move to "start in safe mode", then press Enter.
Once you are on the desktop, if not all the colours and so on are there, that is normal!
(If F8 does not work, use the F5 key.)
----------------------------------------------------------------------------
¤ Search for and delete this:
careful, only the files (if present).

whkwi.exe

***

Now run l2mfix.bat again
and choose option 2
It will ask you to press a key to restart
press any key and let the PC restart
Notepad will open, copy and paste its contents here

----------------------------------------------------------------------------
¤ Run Ad-Aware and delete everything it finds + delete the quarantined items…
----------------------------------------------------------------------------
¤ Run Spybot and fix everything it finds + immunize + delete the quarantined items…
----------------------------------------------------------------------------
¤ Empty your Recycle Bin.
----------------------------------------------------------------------------
¤ Restart in normal mode, run HijackThis again and copy/paste a new report on the forum.

Tell me what problems remain, if any....

Keep me posted

See you
0
Chiktika
 
Well, summary of the day: this morning I did everything as you said, it had no effect.
I tried again this evening when I had more time: here is the HijackThis log; the l2mfix Notepad did not appear after the restart.

Logfile of HijackThis v1.99.1
Scan saved at 19:06:08, on 02/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\rundll32.exe
F:\Program Files\Avast4\aswUpdSv.exe
F:\Program Files\Avast4\ashServ.exe
F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
F:\WINDOWS\System32\CTsvcCDA.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\Yahoo!\Messenger\ypager.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\WINDOWS\system32\cmd.exe
F:\WINDOWS\system32\ftp.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Avast4\ashWebSv.exe
F:\Program Files\Avast4\ashMaiSv.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: :127.0.0.1
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "F:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O8 - Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?2f81a745897e440c9f2a595a7d8758d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?2f81a745897e440c9f2a595a7d8758d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - F:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Ewido no longer reports attacks like I had before, which is rather a good sign, just one from the look2me spyware. Otherwise there are still just as many popup windows opening by themselves; do you know why the MSN bar's popup blocker doesn't block them as it always did before??
Thanks a lot!!
0
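The check a helper makes on a follow-up log like the one above, as an added example that is not part of the original thread: are the seven entries selected for "fix checked" still listed, and does any of their file names show up elsewhere in the new log? The function names are assumptions; the sample lines are copied from the two posts above, and the follow-up log is only an excerpt.

```python
import re

# A HijackThis entry is "<section> - <body>", e.g. "O20 - Winlogon Notify: ...".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Last path component of an entry body when it is a .dll or .exe.
FILE_RE = re.compile(r"([^\\\s\]]+\.(?:dll|exe))$")

# The seven lines the helper asked to fix (copied from the thread).
FIX_LIST = r"""
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - F:\WINDOWS\system32\cbaxx.dll
O2 - BHO: MSEvents Object - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - F:\WINDOWS\System32\wvwur.dll
O4 - HKLM\..\Run: [Microsoft Updote] whkwi.exe
O4 - HKLM\..\RunServices: [Microsoft Updote] whkwi.exe
O20 - Winlogon Notify: cbaxx - F:\WINDOWS\SYSTEM32\cbaxx.dll
O20 - Winlogon Notify: RunOnceEx - F:\WINDOWS\system32\ir4ol5h31.dll
O20 - Winlogon Notify: wvwur - F:\WINDOWS\System32\wvwur.dll
"""

# Excerpt of the follow-up log posted on 02/11/2005 (copied from the thread).
FOLLOWUP_EXCERPT = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: :127.0.0.1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Yahoo! Pager] "F:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
"""


def normalize(body):
    """Collapse whitespace and case: the logs spell SYSTEM32, system32 and System32."""
    return re.sub(r"\s+", " ", body.strip()).casefold()


def parse_entries(text):
    """Map (section, normalized body) -> original line for every entry in a log."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries[(m.group("section"), normalize(m.group("body")))] = line.strip()
    return entries


def check_fix(fix_list, followup_log):
    """Split the fix list into entries gone from the new log and entries still there."""
    wanted = parse_entries(fix_list)
    present = parse_entries(followup_log)
    return {
        "removed": sorted(v for k, v in wanted.items() if k not in present),
        "still_present": sorted(v for k, v in wanted.items() if k in present),
    }


def fixed_files_seen(fix_list, followup_log):
    """File names from the fix list that appear anywhere in the new log,
    for instance re-registered under a different key or running as a process."""
    names = set()
    for _section, body in parse_entries(fix_list):
        m = FILE_RE.search(body)
        if m:
            names.add(m.group(1))
    haystack = followup_log.casefold()
    return sorted(n for n in names if n in haystack)


if __name__ == "__main__":
    result = check_fix(FIX_LIST, FOLLOWUP_EXCERPT)
    print("removed:", len(result["removed"]))
    print("still present:", result["still_present"])
    print("file names seen again:", fixed_files_seen(FIX_LIST, FOLLOWUP_EXCERPT))
```

An empty `still_present` list only shows that those autostart entries are gone from the log; it says nothing about files that load through entries the log does not show.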
Anonymous user
 
hi again
can you describe these ads to me?

and can you paste the ewido scan report?

see you
0
Chiktika
 
Here is the ewido scan report:

there was work to do!!!

---------------------------------------------------------
ewido security suite - Rapport de scan
---------------------------------------------------------

+ Créé le: 19:15:53, 03/11/2005
+ Somme de contrôle: D42CC47C

+ Résultats du scan:

HKLM\SOFTWARE\Classes\MSEvents.MSEvents -> Spyware.VirtuMonde : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CLSID -> Spyware.VirtuMonde : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\MSEvents.MSEvents\CurVer -> Spyware.VirtuMonde : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\MSEvents.MSEvents.1 -> Spyware.VirtuMonde : Nettoyer et sauvegarder
[1140] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1268] F:\WINDOWS\system32\vvrbis.dll -> Spyware.Look2Me : Erreur durant le nettoyage
F:\!KillBox\wvwur.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
:mozilla.18:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.19:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.20:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.21:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.22:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.23:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.24:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.25:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.26:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.30:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
:mozilla.37:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-234847-309.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-234847-944.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235308-526.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235308-833.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235508-197.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235508-740.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235844-221.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-235844-992.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051102-110304-614.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051102-110304-875.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051102-130416-156.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051102-185319-357.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@2o7[1].txt -> Spyware.Cookie.2o7 : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@casinotropez[2].txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@paypopup[2].txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@www.casinotropez[2].txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\PQ0STCDN\web[1].exe -> TrojanDownloader.Small.bnj : Nettoyer et sauvegarder
F:\WINDOWS\system32\cpusapi.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\dllayx.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\en48l1hu1.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\enn4l15q1.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\enrol1931.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\f80o0id3e80.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\guard.tmp -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\hr4u05h9e.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\j0p0la7m1d.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\l46o0ej3eho.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\l4l60e3seh.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\lvp0097me.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\wT2topl.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\wvwur.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__MAC71CHT.DLL -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__mlctfp.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__nutrap.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__vvrbis.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__wznstrm.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport

As for the ads, they appear regularly even when I don't open any IE pages.
Ads for smileys, dating sites, casinos ......, there is something for every taste!!!!
0
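A triage of an ewido report like the one above, as an added example that is not part of the original thread: it separates tracking cookies and tool backup copies from files and registry keys, and pulls out the detections the scanner could not clean. The sample lines are copied from the report above; the function names are assumptions, as is reading the bracketed number as a process ID and treating the `backups` and `!KillBox` folders as copies kept by the removal tools.

```python
import re
from collections import Counter

# "[pid] object -> Threat.Name : action"; the "[pid] " prefix is optional.
LINE_RE = re.compile(
    r"^(?:\[(?P<pid>\d+)\] )?(?P<object>.+?) -> (?P<threat>\S+) : (?P<action>.+)$"
)
CLEAN_ERROR = "Erreur durant le nettoyage"  # action text when cleaning failed

# Excerpt of the report of 19:15:53, 03/11/2005 (copied from the thread).
REPORT_EXCERPT = r"""
ewido security suite - Rapport de scan
+ Créé le: 19:15:53, 03/11/2005
+ Résultats du scan:
HKLM\SOFTWARE\Classes\MSEvents.MSEvents -> Spyware.VirtuMonde : Nettoyer et sauvegarder
[1140] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1268] F:\WINDOWS\system32\vvrbis.dll -> Spyware.Look2Me : Erreur durant le nettoyage
F:\!KillBox\wvwur.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
:mozilla.18:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\backups\backup-20051101-234847-309.dll -> TrojanDownloader.Agent.yf : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@paypopup[2].txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder
F:\WINDOWS\system32\cpusapi.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
F:\WINDOWS\system32\wvwur.dll -> Spyware.Virtumonde : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__vvrbis.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
"""


def locate(obj, threat):
    """Classify a detection by where it was found."""
    low = obj.casefold()
    if ".cookie." in threat.casefold():
        return "cookie"
    if low.startswith(("hklm\\", "hkcu\\")):
        return "registry"
    # Assumption: these folders hold copies kept by HijackThis and KillBox.
    if "\\backups\\backup-" in low or "\\!killbox\\" in low:
        return "tool_backup"
    return "file"


def parse_report(text):
    """Return one dict per detection line; header and footer lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        threat = m.group("threat")
        findings.append({
            "pid": int(m.group("pid")) if m.group("pid") else None,
            "object": m.group("object"),
            "threat": threat,
            # The report writes both VirtuMonde and Virtumonde: group case-insensitively.
            "family": threat.casefold(),
            "location": locate(m.group("object"), threat),
            "cleaned": m.group("action").strip() != CLEAN_ERROR,
        })
    return findings


def triage(findings):
    """Summarize: what could not be cleaned, which families, and where they sit."""
    return {
        "uncleaned": [(f["pid"], f["object"], f["threat"])
                      for f in findings if not f["cleaned"]],
        # Cookies are left out of the family count.
        "families": Counter(f["family"] for f in findings
                            if f["location"] != "cookie"),
        "by_location": Counter(f["location"] for f in findings),
    }


if __name__ == "__main__":
    summary = triage(parse_report(REPORT_EXCERPT))
    for pid, obj, threat in summary["uncleaned"]:
        print(f"NOT CLEANED pid={pid} {threat} {obj}")
    print(dict(summary["families"]))
    print(dict(summary["by_location"]))
```

The two uncleaned lines are the ones that matter for the next step: both carry the bracketed prefix and both are Look2Me DLLs in `system32`.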
Anonymous user
 
hi
download this
http://www.wintotal.de/server/l2mfix.zip
unzip it and run it, follow the procedure

then post an ewido scan again please

see you
0
chiktika Posts 41 Status Member
 
Finally, the new ewido report, it takes forever!!!

---------------------------------------------------------
ewido security suite - Rapport de scan
---------------------------------------------------------

+ Créé le: 23:39:00, 03/11/2005
+ Somme de contrôle: 6110DF40

+ Résultats du scan:

[1084] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1268] F:\WINDOWS\system32\mcwsock.dll -> Spyware.Look2Me : Erreur durant le nettoyage
:mozilla.9:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.10:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.11:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.13:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.14:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.15:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.16:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.17:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.18:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.22:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.23:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.27:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
:mozilla.33:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@adtech[2].txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@com[2].txt -> Spyware.Cookie.Com : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@paypopup[1].txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
F:\WINDOWS\system32\wincntrl.exe -> Backdoor.Rbot.ahp : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__mcwsock.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport

Thank you, thank you ....
Good night.
0
Anonymous user

Hi again
¤ Show all files and folders:
Click Start / Control Panel / Tools / Folder Options / View

Check "Show hidden files and folders"

Uncheck the box "Hide protected operating system files (Recommended)"

Uncheck "Hide extensions for known file types"
Then click "OK" to confirm the changes.

And apply!
----------------------------------------------------------------------------
Find and delete these

F:\WINDOWS\system32\sulgntfy.dll
F:\WINDOWS\system32\mcwsock.dll
F:\WINDOWS\system32\wincntrl.exe
F:\WINDOWS\system32\__delete_on_reboot__mcwsock.dll

then delete your cookies in Control Panel, Internet Options

See you
0
chiktika Posts: 41 Status: Member

Hi again,
So I did as you said, except:

F:\WINDOWS\system32\sulgntfy.dll is present but cannot be deleted because it is "already in use by another program". Do you know which program it could be ??

The other files cannot be found.

See you
0
Anonymous user

Hi again,
delete them in safe mode

See you
0
chiktika Posts: 41 Status: Member

I'm sorry, but it doesn't work in safe mode either, sorry.

Thanks again, as always, for your attention.
0
Anonymous user

Hi,
Try this:
http://www.01net.com/telecharger/windows/Utilitaire/cryptage_et_securite/fiches/23822.html

Usage demo here (thanks to Balltrap34 for making it)
http://pageperso.aol.fr/balltrap34/demochaos.swf

See you
0
chiktika Posts: 41 Status: Member

Hi !!

Now this is very strange !! Your deletion program works, it confirms the deletion of the file, but the file doesn't disappear; when I search for this file again in Explorer, it finds it in the same place !!

Otherwise, at startup I still have ewido detecting spyware.look2me, and still just as many ads appearing.

See you
0
Anonymous user

Hi again
post a HijackThis log again

an ewido report

and possibly this
Download this
http://www.silentrunners.org/Silent%20Runners.vbs
Run it, wait a few minutes, it will then create a folder right next to Silent Runners in text format, copy/paste what it gives you

See you
0
chiktika Posts: 41 Status: Member

Thanks !!
Here is the HJ log, ewido report in about 1 hour ;)

Logfile of HijackThis v1.99.1
Scan saved at 13:09:36, on 05/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\rundll32.exe
F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
F:\Program Files\Avast4\aswUpdSv.exe
F:\Program Files\Yahoo!\Messenger\ypager.exe
F:\Program Files\Avast4\ashServ.exe
F:\WINDOWS\System32\CTsvcCDA.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\WINDOWS\system32\cmd.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\WINDOWS\system32\ftp.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Program Files\Microsoft AntiSpyware\gcasServ.exe
F:\Program Files\Avast4\ashWebSv.exe
F:\Program Files\Avast4\ashMaiSv.exe
F:\Program Files\Outlook Express\msimn.exe
F:\Program Files\Logitech\MouseWare\System\em_exec.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\WINDOWS\System32\LVComsX.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: :127.0.0.1
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [second] C:\T‚l‚chargement Finis\FreshDownload\l2mfix2\l2mfix\second.bat
O4 - HKCU\..\Run: [Yahoo! Pager] "F:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
O8 - Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?2f81a745897e440c9f2a595a7d8758d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?2f81a745897e440c9f2a595a7d8758d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall.trendmicro.com/housecall/xscan53.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - F:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
0
chiktika Posts: 41 Status: Member

ewido report
---------------------------------------------------------
ewido security suite - Rapport de scan
---------------------------------------------------------

+ Créé le: 14:51:41, 05/11/2005
+ Somme de contrôle: AA1413C1

+ Résultats du scan:

[1080] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1264] F:\WINDOWS\system32\movidctl.dll -> Spyware.Look2Me : Erreur durant le nettoyage
:mozilla.7:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.10:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.11:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.12:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.13:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.14:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.15:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.17:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.19:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.20:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
:mozilla.39:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder
:mozilla.42:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.43:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.46:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
:mozilla.50:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@paypopup[2].txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__movidctl.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport

On the other hand, your program won't run, I get a Windows Script Host error message ...

See you
0
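An added example, not part of any post in this thread: a Python script that parses the two ewido reports posted above and compares the files the scanner failed to clean from one scan to the next. The function names are assumptions made for the example, and the sample lines are excerpts of the posted reports with most cookie entries trimmed.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import Optional

# Optional "[n] " or ":store:" prefix, then "<path> -> <detection> : <action>".
LINE = re.compile(
    r"^(?:\[(?P<tag>\d+)\]\s+|:(?P<store>[\w.]+):)?"
    r"(?P<path>.+?) -> (?P<name>\S+) : (?P<action>.+)$"
)
FAILED = "Erreur durant le nettoyage"  # status string as it appears in the reports
PENDING = "__delete_on_reboot__"       # file-name prefix seen in the reports

# Excerpts of the two reports posted in the thread (cookie entries trimmed).
SCAN_03_11 = r"""
[1084] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1268] F:\WINDOWS\system32\mcwsock.dll -> Spyware.Look2Me : Erreur durant le nettoyage
:mozilla.9:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Hitbox : Nettoyer et sauvegarder
F:\Documents and Settings\Ramissou\Cookies\ramissou@paypopup[1].txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder
F:\WINDOWS\system32\wincntrl.exe -> Backdoor.Rbot.ahp : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__mcwsock.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
"""
SCAN_05_11 = r"""
[1080] F:\WINDOWS\system32\sulgntfy.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1264] F:\WINDOWS\system32\movidctl.dll -> Spyware.Look2Me : Erreur durant le nettoyage
:mozilla.7:F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
F:\WINDOWS\system32\__delete_on_reboot__movidctl.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
::Fin du rapport
"""

@dataclass(frozen=True)
class Finding:
    path: str
    name: str
    action: str
    tag: Optional[str]  # bracketed number from the report; meaning not stated on the page

def parse_report(text):
    """Return one Finding per result line; headers and the footer are skipped."""
    found = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            found.append(Finding(m["path"], m["name"], m["action"].strip(), m["tag"]))
    return found

def binaries(findings):
    """Drop tracking-cookie detections so the executable and DLL hits stand out."""
    return [f for f in findings if ".Cookie." not in f.name]

def failed_files(findings):
    """Lower-cased base names of files the scanner reported it could not clean."""
    return {ntpath.basename(f.path).lower()
            for f in binaries(findings) if f.action == FAILED}

def pending_files(findings):
    """Original base names of files listed with the delete-on-reboot prefix."""
    names = (ntpath.basename(f.path).lower() for f in binaries(findings))
    return {n[len(PENDING):] for n in names if n.startswith(PENDING)}

def compare(old_text, new_text):
    """Classify uncleanable files across two scans of the same machine."""
    old, new = parse_report(old_text), parse_report(new_text)
    f_old, f_new = failed_files(old), failed_files(new)
    return {
        "persistent": sorted(f_old & f_new),  # failed to clean in both scans
        "gone": sorted(f_old - f_new),        # failed before, absent now
        "new": sorted(f_new - f_old),         # name first seen in the later scan
        "queued_then_gone": sorted(pending_files(old) & (f_old - f_new)),
    }

if __name__ == "__main__":
    for key, names in compare(SCAN_03_11, SCAN_05_11).items():
        print(f"{key}: {', '.join(names) or '-'}")
```

On the thread's data this reports sulgntfy.dll as failing in both scans and movidctl.dll as a new name after mcwsock.dll was queued for deletion, which matches the poster's observation that the detection comes back after each restart.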
Anonymous user

Hi
1/ empty your temporary files
2/ download and run this
http://securityresponse.symantec.com/avcenter/FxSpL2Me.exe

See you
0
chiktika Posts: 41 Status: Member

Hi again !
I understand less and less.
FxSpL2Me.exe scanned all the disks and the scan result = it does not find spyware.look2me.
Whereas at the next restart, Ewido detects it.

Thanks, bye.
0
Anonymous user

Download this
http://www.silentrunners.org/Silent%20Runners.vbs
Run it, wait a few minutes, it will then create a folder right next to Silent Runners in text format, copy/paste what it gives you

See you
0
chiktika Posts: 41 Status: Member

Back on the web, don't worry, I'm not giving up.

SilentRunners doesn't work, I'm copying out for you the error message it shows me when I launch it.

WINDOWS SCRIPT HOST
Script : c:\telechargements...............\SilentRunners.vbs
Ligne : 637
Caract : 2
Erreur : 0X80041003
Code : 80041003
Source : (null)

and here is the text file it creates for me:
"Silent Runners.vbs", revision 41, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"

I don't know if that will help you...
thanks, see you
0
Anonymous user

Hi again,
wait a few minutes before going into the text file

See you
0
chiktika Posts: 41 Status: Member

I'm sorry but there is nothing more in the text file, even after waiting.
0
Anonymous user

Hi again,
post a recent ewido report again, we are going to delete them directly with a program

See you
0