Virus Sasser? impossible de s'en debarasser

Résolu
thierry -  
 Utilisateur anonyme -
Bonjour,

j'ai choppé un virus ce mercredi.
D'après les symptomes, cela doit etre le virus Sasser (compte a rebours, erreur de lsass.exe etc...).
J'ai lu a peu près 200 messages a ce sujet, utilisé tous les patchs qui existe contre sasser, 3 antivirus, 3 desinfections en ligne et... toujours la!
Est ce une nouvelle version de Sasser?
Est ce autre chose que sasser?

J'ai vu sur des forum que certain laissaient leur hijackthis... je ne sais pas ce que c'est, mais si ca peut vous aider à m'aider...
Je vous remercie d'avance.

Logfile of HijackThis v1.99.1
Scan saved at 18:26:32, on 17/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\system32\nhsrvice.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ADT-Image\ALC\Prog\Alc\InterBase\bin\ibserver.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Utilisateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: ADT-Image.lnk = ?
O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4825/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: HASP Loader - Aladdin Knowledge Systems - C:\WINDOWS\system32\nhsrvice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

13 réponses

Résumé de la discussion

Problème d'infection informatique sur Windows XP SP2 avec des symptômes évoquant le virus Sasser (compte à rebours et erreur lsass.exe) et échec du nettoyage malgré plusieurs antivirus et désinfections. Les analyses fournissent des signes de suspicion via HijackThis et des rapports antivirus externes, montrant des services problématiques, notamment des applications en arrière-plan et le Trojan-Proxy.Win32.Dlena.s. Plusieurs intervenants recommandent de tenter les mises à jour Windows pour combler les vulnérabilités et rétablir la sécurité, tout en évoquant une impossibilité d'accéder au service Windows Update. Le fil évoque aussi des aides comme la remise de rapports HijackThis et l'analyse de fichiers suspects, en insistant sur une approche coordonnée entre diagnostics et nettoyage, sans conclure sur l'état final.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Salut,

    Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - Global Startup: ADT-Image.lnk = ?
    O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4825/mcfscan.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: HASP Loader - Aladdin Knowledge Systems - C:\WINDOWS\system32\nhsrvice.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

    Clic sur demarrer, executer, tape: services.msc ,cherche dans la liste ces lignes et regle les sur "desactivé"

    HASP Loader - Aladdin Knowledge Systems
    MySQL

    Règle celle-ci sur "manuel"

    GEARSecurity

    Fais ce nettoyage: (à faire réguliérement)

    ¤Telecharges et installes ceci:
    CCleaner:
    Ccleaner

    dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
    Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

    ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

    Cherche et supprime ces fichiers:

    nhsrvice.exe
    Program.exe

    NOTE:
    Si un fichier persiste lors de la suppression fais ceci:
    -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

    Tu as quoi comme logiciels anti-spywares ?

    A++
    0
    1. thierry
       
      salut

      merci pour ta réponse, je vais essayer.

      Pour info, j'ai ad-aware et spy boat .

      Bye
      0
  2. thierry
     
    Lut,

    j'ai fait ce que tu m'as dit, mais a priori ca ne change rien.

    Je n'arrive plus a démarré normalement, donc j'ai tout fait en mode sans echec.

    Est-ce important?
    0
  3. Kritian Messages postés 10 Statut Membre 16
     
    Salut Thierry, pour ton problême il faut en premier lieu que tu identifie précisement le malware qui est dans ton ordi ensuite tu desactive la restauration du systême car le virus se replique dans les fichiers de restaurations puis tu te mets en mode sans echec pour eradiquer la bestiole par un procédé spécifique au malware précédamment identifier.Si tu arrive à trouver le nom exact de ton malware (virus,trojan,ver,rootkit...)je peux te donner la marche à suivre ultérieurement.Pour le debut,si tu as windows xp sp2 à jour, tu peux essayer ça pour l'identification :
    sur le bureau : démarrer, exécuter , taper "mrt" dans le cadre, suivant, choisir "complete" et enfin , suivant.Le nombre de virus détecté est restreint mais il s'agit des plus virulent et recalcitrant.Si le tient n'est pas de ceux-la, l' enlever ne sera pas trop difficile.Bon courage!
    0
  4. thierry
     
    salut Kritian

    aucun logiciel maveillant detecté.

    C'est ca le problème, aucun antivirus ou logiciel ne detecte un virus...

    Je ne sais plus quoi faire.
    0
    1. Utilisateur anonyme
       
      Salut,

      peux tu remettres un rapport Hijackthis fait de préference en mode normal!

      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. laurentino83 Messages postés 20 Statut Membre
     
    Je suis toutes les files concernant le virus Sasser , (je crois l'avoir chopé -Message Autorite NT\systeme et compte à rebours ...)De plus je reçois des messages de mon FAI m'indiquant que j'ai un OPEN PROXY...
    voila j'ai déja fait un hijackthis dont voici le contenu.
    Merci de m'aider, je patauge un peu.........
    *********************************

    Logfile of HijackThis v1.99.1
    Scan saved at 17:58:32, on 18/08/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    C:\Program Files\oneclick\oneclick.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\rpcc.exe
    C:\WINDOWS\System32\dxvwfiub.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Calendrier\Cld2000.exe
    C:\WINDOWS\System32\services.exe
    C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Documents and Settings\Administrateur\Bureau\emule\emule.exe
    c:\program files\club-internet\naviclub\naviclub.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Acrobat IE Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
    O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
    O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
    O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
    O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
    O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
    O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
    O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
    O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    0
    1. Utilisateur anonyme
       
      on va refaire une touche de nettoyage ;-)

      Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
      O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
      O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
      O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
      O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
      O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe


      Clic sur demarrer, poste de travail, C:, program files, cherche et supprime ce dossier:

      Seekmo

      Clic sur demarrer, poste de travail, C:, program files, Common files, et supprime ce dossier:


      SearchUpgrader

      Fais une recherche de ces fichiers supprime les si présent:

      dxvwfiub.exe
      stonedrv.exe
      xpupdate.exe
      dxvwfiub.exe

      NOTE:
      *Si un fichier persiste lors de la suppression fais ceci:
      -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement


      Installe un anti-virus car tu en as pas apparement, en voici un!


      Avast: (anti-virus gratuit en français!)
      Avast Antivirus



      Tiens nous au courant dès que tu aura fait tout ça, pense à remettre un nouveau rapport hijackthis par la suite
      0
  7. laurentino83 Messages postés 20 Statut Membre
     
    Salut boulepate62!
    J'ai fait l'opération sous hijackthis.
    Puis les fichiers que tu me demandes de supprimer sont inconnus sous les directory cités...(Seekmo,etc...)
    Même en mode sans échec.
    C'est vrai que la je n'ai pas d'anti-virus .en fait je l'ai supprimé (AVAST-tant bien que mal) car à chaque connexion , il me signalait la présence d'un virus , même en cliquant sur réparer ou supprimer, j'avais sans cesse les messages (en plus avec Avast on a la petite voix qui nous le signale -énervant à la fin...)
    Bref si je l'avais pas supprimé, je serais encore en train de cliquer sur "réparer".
    Cependant, voici un nouveau rapport Hijackthis....@+
    *************************************
    Logfile of HijackThis v1.99.1
    Scan saved at 05:57:57, on 20/08/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    C:\Program Files\oneclick\oneclick.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\windows\system32\stonedrv.exe
    C:\WINDOWS\System32\rpcc.exe
    C:\WINDOWS\System32\dxvwfiub.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Calendrier\Cld2000.exe
    C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    C:\WINDOWS\System32\services.exe
    C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    c:\program files\club-internet\naviclub\naviclub.exe
    C:\WINDOWS\explorer.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Acrobat IE Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
    O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
    O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
    O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
    O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
    O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
    O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
    O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
    O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
    O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
    O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    0
    1. Utilisateur anonyme
       
      Salut Laurentino

      réinstalle Avast car s'il te donne des alertes comme quoi il y a des virus c'est qu'il fait son travail, c'est le but d'avoir un anti-virus pour nous proteger et avertir en cas de virus.

      Pour la petite voix tu peux la couper dans les "preferences" si mes souvenirs sont bons.

      Remets Avast puis fait ça:

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
      Une fois qu'il a terminé colle le rapport ici stp avec un nouveau rapport hijackthis

      https://www.bitdefender.com/toolbox/


      A++
      0
      1. laurentino83 > Utilisateur anonyme
         
        Re,
        Concernant l'antivirus , j'ai deja installé antivir...
        voici le rapport bitdefender:

        BitDefender Online Scanner - Real Time Virus Report



        Generated at: Tue, Aug 22, 2006 - 13:14:44


        --------------------------------------------------------------------------------





        Scan Info



        Scanned Files
        272613

        Infected Files
        12








        Virus Detected



        Backdoor.Newartm.A
        1

        BehavesLike:Win32.SiteHijack
        8

        Trojan.Downloader.Agent.AFB
        1

        Backdoor.Delf.AML
        1

        Trojan.Spy.Agent.MN
        1

        ************************************
        et voici le rapport hijackthis:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:17:55, on 22/08/2006
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\oneclick\oneclick.exe
        C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
        C:\WINDOWS\System32\LVCOMSX.EXE
        C:\Program Files\Logitech\Video\LogiTray.exe
        C:\WINDOWS\System32\rpcc.exe
        C:\WINDOWS\System32\dxvwfiub.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
        C:\Program Files\Logitech\Video\FxSvr2.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\Program Files\Calendrier\Cld2000.exe
        C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
        C:\WINDOWS\System32\services.exe
        C:\Program Files\Club-Internet\Lanceur\lanceur.exe
        c:\program files\club-internet\naviclub\naviclub.exe
        C:\WINDOWS\System32\taskmgr.exe
        C:\hijackthis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
        O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
        O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
        O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
        O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
        O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
        O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
        O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
        O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\System32\Macromed\Download\Download.dll"
        O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\System32\Macromed\Download\Download.exe"
        O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\System32\Macromed\Download"
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
        O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
        O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
        O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\System32\taskdir.exe
        O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp3072.exe
        O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp5120.exe
        O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
        O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
        O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
        O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
        O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
        O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
        O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
        O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
        O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
        O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
        O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
        0
      2. Utilisateur anonyme > laurentino83
         
        re,

        Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"


        O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
        O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
        O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
        O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
        O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
        O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
        O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
        O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\System32\taskdir.exe
        O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp3072.exe
        O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp5120.exe
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
        O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
        O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
        O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
        O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe


        Clic sur demarrer, rechercher, cherche et supprime ces fichiers si encore présent

        dxvwfiub.exe
        xpupdate.exe
        taskdir.exe
        ctldlg32.dll


        Cli sur demarrer, poste de travail, C:, program files, cherche et supprime ce dossier:

        MSN Apps

        A noter que:
        *Si un fichier persiste lors de la suppression fais ceci:
        -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement


        Fais ce nettoyage: (à faire réguliérement)

        ¤Telecharges et installes ceci:
        CCleaner:
        Ccleaner

        dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
        Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

        ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"


        Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici avec un nouveau rapport hijackthis
        Ewido: (installe le en anglais il passera en français, reste gratuit après la période d'essai)
        Télécharger Ewido Security Suite

        On devrait se rapprocher de la fin ;-)
        0
  8. thierry
     
    salut Boulepate,

    je n'ai pas réussi à supprimer mon virus, heureusement, j'avais une image norton ghost d'avant les vacances.
    Donc ca fonctionne, en espérant que le virus n'était pas déjà présent.

    Merci qd meme pour ton aide.

    Thierry
    0
    1. Utilisateur anonyme
       
      Salut Thierry,

      ton rapport hijackthis, tu l'as fait juste après avoir utiliser Norton Gost ? si oui, c'est pire qu'avant :-/

      confirmes moi s'il te plait.

      A++
      0
  9. laurentino83
     
    Salut boulepate,

    Je crois que le rapport Hijack auquel tu fais allusion est le mien!!
    Si tu dis que c'est pire qu'avant pour lui , alors c'est que ca craint pour moi , non?
    Alors ton analyse sur ce rapport?

    Dans l'attente de ta réponse, Merci bcp...
    0
    1. Utilisateur anonyme
       
      Salut Laurentino,

      si c'est le tiens, non ça va ont a pas fini normal :-P

      J'te repond de suite

      c'est ça d'être à plusieurs sur un post :-/
      0
  10. laurentino83
     
    Up..SVP
    0
    1. Utilisateur anonyme
       
      Salut Laurentino,

      j'tavais repondu juste au dessus, l'a tu vu ?
      J'attendais de tes news ;-)

      0
      1. laurentino83 > Utilisateur anonyme
         
        Salut boulepate,
        sorry, j'avais pas vu!
        Je me mets au travail
        @+
        0
      2. laurentino83 > Utilisateur anonyme
         
        Re Boulepate,
        concernant les fichiers à supprimer , je ne les ai pas trouvé.
        Seul fichier trouvé, MSN Apps --> suppression OK
        voici le rapport Ewido:
        ---------------------------------------------------------
        ewido anti-spyware - Scan Report
        ---------------------------------------------------------

        + Created at: 11:38:23 24/08/2006

        + Scan result:



        C:\WINDOWS\azesearch.bmp -> Adware.Azesearch : No action taken.
        C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : No action taken.


        ::Report end

        ***************
        et le rapport HijackThis

        Logfile of HijackThis v1.99.1
        Scan saved at 11:41:50, on 24/08/2006
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\System32\LVCOMSX.EXE
        C:\Program Files\Logitech\Video\LogiTray.exe
        C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\Program Files\Calendrier\Cld2000.exe
        C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
        C:\Program Files\Logitech\Video\FxSvr2.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\Program Files\ewido anti-spyware 4.0\ewido.exe
        C:\Program Files\Club-Internet\Lanceur\lanceur.exe
        c:\program files\club-internet\naviclub\naviclub.exe
        C:\hijackthis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
        O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
        O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
        O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [rpcc] rpcc.exe
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
        O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
        O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
        O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
        O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
        O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
        O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

        Merci de ta colaboration
        0
      3. Utilisateur anonyme > laurentino83
         
        Salut Laurentino

        Supprime les deux fichiers trouvés par Ewido.

        Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

        R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)


        Pourquoi as-tu supprimé Kerio ? il serait utile de remettre un pare-feu efficace! Peut etre un peu chiant au debut mais ça a ces raisons ;-)
        Si à tes yeux Kerio etait trop compliqué,tu peux effacer celui-ci

        ZoneAlarm: (pare-feu gratuit, en français)
        Zone Alarm


        Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
        Une fois qu'il a terminé colle le rapport ici stp

        https://www.bitdefender.com/toolbox/

        A++
        0
  11. laurentino83 Messages postés 20 Statut Membre
     
    Re Boulepate,
    Eh bien, il etait long le scan bitdefender (1h15!)
    Voici le rapport , apparemment aucun pb?
    BitDefender Online Scanner - Real Time Virus Report

    Generated at: Thu, Aug 24, 2006 - 18:38:30

    --------------------------------------------------------------------------------

    Scan Info

    Scanned Files
    233464

    Infected Files
    0

    Virus Detected

    No virus found.
    0
    1. Utilisateur anonyme
       
      ça me semble ok et de ton côté ?
      0
    2. laurentino83 Messages postés 20 Statut Membre
       
      J'ai eteins et relancer le PC et tout a l'air de fonctionner normalement (plus de compte à rebours Autorite NT...).

      Je te dis donc un grand MERCI pour ta patience et ta collaboration.
      Laurentino
      0
  12. laurentino83 Messages postés 20 Statut Membre
     
    Ah encore une chose
    sous internet Explorer je n'ai pas acces à la barre d'information Active X
    Normal?
    Merci
    0
    1. Utilisateur anonyme
       
      Oui, c'est normal car ton système d'exploitation n'est pas à jour, pour regler le probléme, il suffit de faire les mises à jours.

      ¤ Mises à jours ¤

      Clic sur "demarrer", "tous les programmes", tout en haut "Windows Update" puis telecharge toutes les mises à jour qu'il te trouve, tu peux refaire cette opération plusieurs fois à la suite, même si ton PC aura redemarrer, car ton système est loin d'être à jour ;-)
      0
    2. laurentino83
       
      Apparemment, je l'avais deja effectué et j'avais eu le meme message qu'a l'instant, c'est-à-dire:
      ***Le site Web a rencontré une erreur et ne peut pas afficher la page demandée***
      Je ne peux pas effectuer les mises à jour Window?

      Dans l'attente de ton analyse...
      0
  13. laurentino83 Messages postés 20 Statut Membre
     
    De plus,
    au niveau du gestionnaire de taches, j'ai encore une utilisation de l'UC qui monte souvent a 100% , ralentissant énormément le PC??
    Est-ce normal?
    0
    1. Utilisateur anonyme
       
      non, ce n'est pas normal..

      clic sur demarrer, rechercher, cherche et supprime ce fichier si present:

      rpcc.exe


      Remets un rapport hijackthis stp
      0
    2. laurentino83 > Utilisateur anonyme
       
      rpcc.exe apparemment non present..

      Voici le nouveau rapport hijackthis
      Logfile of HijackThis v1.99.1
      Scan saved at 21:14:20, on 24/08/2006
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\ewido anti-spyware 4.0\ewido.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Calendrier\Cld2000.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
      C:\Program Files\Club-Internet\Lanceur\lanceur.exe
      C:\Documents and Settings\Administrateur\Bureau\emule\emule.exe
      c:\program files\club-internet\naviclub\naviclub.exe
      C:\hijackthis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [rpcc] rpcc.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
      O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
      O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
      O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
      O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      0
    3. laurentino83 > Utilisateur anonyme
       
      Boulepate,
      en analysant le rapport hijack, je viens de voir cette ligne
      O4 - HKLM\..\Run: [rpcc] rpcc.exe

      En faisant demarrer/rechercher comme tu me le demandais, ce fichier n'était pas présent...

      J'ai coché la case et fait un fix. c'est bon ou j'ai fait une conn****?

      @+
      0
    4. Utilisateur anonyme > laurentino83
       
      Salut Laurentino

      non, tu n'as pas fait de connerie, regarde dans tes emails et fais le tri, pour ne garder que ce que tu as vraiement besoin le reste poubelle et vide la.


      Si tu n'as pas l'un des logiciels ci-dessous telecharge le(s) puis scan ton PC complétement:

      SpyBot-Search & Destroy: (gratuit)
      Spybot Search & Destroy

      A² free: (gratuit)
      A² Squared

      Ad-Aware SE Personal: (en anglais, gratuit))
      Ad-aware
      -Le patch pour le faire fonctionner Ad-Aware SE en français: Patch français pour Ad-aware



      Puis pour verifier que c'est propre fait ça:

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
      Une fois qu'il a terminé colle le rapport ici stp

      _Online Scanner
      _Kaspersky Online Scanner
      _My Computer

      https://www.kaspersky.fr/downloads


      Si le rapport ne trouve aucun virus, fais ça:

      ¤ Mises à jours ¤

      Clic sur "demarrer", "tous les programmes", tout en haut "Windows Update" puis telecharge toutes les mises à jour qu'il te trouve, tu peux refaire cette opération plusieurs fois à la suite, même si ton PC aura redemarrer, car ton système est loin d'être à jour ;-)


      A++
      0
    5. laurentino83 > Utilisateur anonyme
       
      Salut Boulepate,
      aprés avoir telecharger tous les logiciels et fais un scan complet avec chacun d'entre eux, voici le rapport Kapersky:
      ************
      Friday, August 25, 2006 3:58:20 PM
      Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
      Kaspersky Online Scanner version: 5.0.83.0
      Kaspersky Anti-Virus database last update: 25/08/2006
      Kaspersky Anti-Virus database records: 205408


      Scan Settings
      Scan using the following antivirus database standard
      Scan Archives true
      Scan Mail Bases true

      Scan Target My Computer
      A:\
      C:\
      D:\
      E:\
      G:\

      Scan Statistics
      Total number of scanned objects 40577
      Number of viruses found 1
      Number of infected objects 1 / 0
      Number of suspicious objects 0
      Duration of the scan process 00:47:46

      Infected Object Name Virus Name Last Action
      C:\Documents and Settings\Administrateur\Bureau\Temp\001.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\003.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\004.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\008.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\009.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\010.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\013.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\015.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\017.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\018.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\020.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\022.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\023.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\024.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\025.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\026.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Bureau\Temp\030.part Object is locked skipped

      C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped

      C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

      C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

      C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

      C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012006082520060826\index.dat Object is locked skipped

      C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

      C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped

      C:\Documents and Settings\Administrateur\ntuser.dat.LOG Object is locked skipped

      C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

      C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

      C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

      C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

      C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

      C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

      C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

      C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

      C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

      C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

      C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

      C:\Program Files\Calendrier\Jours.edb Object is locked skipped

      C:\Program Files\Club-Internet\Dr Club Internet\log\mpbtn.log Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\BWDocMap.pht Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\BWInfopakMap.pht Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chandir.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chandir.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chn.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chn.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\D0000000.FCS Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\inuse.txt Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\L0000004.FCS Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\main.log Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_die.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_die.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_dnd.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_dnd.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_ext.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_ext.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_rcv.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_rcv.idx Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\storydb.dat Object is locked skipped

      C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\storydb.idx Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0171358.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0171363.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172358.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172360.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172366.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172367.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172368.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172370.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172371.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172372.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172385.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172386.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP102\A0173488.dll Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP103\A0185872.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0209931.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228978.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228979.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228980.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228981.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228982.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228983.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228984.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228985.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228986.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228987.exe Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228999.dll Object is locked skipped

      C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP108\change.log Object is locked skipped

      C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

      C:\WINDOWS\SchedLgU.Txt Object is locked skipped

      C:\WINDOWS\SoftwareDistribution\EventCache\{6780D64E-E878-4ADD-9FE4-F7629CE11666}.bin Object is locked skipped

      C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

      C:\WINDOWS\Sti_Trace.log Object is locked skipped

      C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

      C:\WINDOWS\system32\config\default Object is locked skipped

      C:\WINDOWS\system32\config\default.LOG Object is locked skipped

      C:\WINDOWS\system32\config\SAM Object is locked skipped

      C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

      C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

      C:\WINDOWS\system32\config\SECURITY Object is locked skipped

      C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

      C:\WINDOWS\system32\config\software Object is locked skipped

      C:\WINDOWS\system32\config\software.LOG Object is locked skipped

      C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

      C:\WINDOWS\system32\config\system Object is locked skipped

      C:\WINDOWS\system32\config\system.LOG Object is locked skipped

      C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped

      C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

      C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

      C:\WINDOWS\system32\h323log.txt Object is locked skipped

      C:\WINDOWS\system32\qvxgamet4.exe Infected: Trojan-Proxy.Win32.Dlena.s skipped

      C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

      C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

      C:\WINDOWS\wiadebug.log Object is locked skipped

      C:\WINDOWS\wiaservc.log Object is locked skipped

      C:\WINDOWS\WindowsUpdate.log Object is locked skipped

      Scan process completed.
      **************************
      sinon, je confirme qu'il m'est impossible d'effectuer les mises à jour Window (Message:Le site Web a rencontré une erreur et ne peut pas afficher la page demandée)
      @+
      0
  14. laurentino83
     
    Salut Boulepate,
    Ca y est, tout a etait fait à la lettre et je te remercie de tes efforts.
    @+ et Bon Week...
    0
    1. Utilisateur anonyme
       
      Lu Laurentino,

      dis le moi si tu n'arrives pas à faire les mises à jours..

      A++
      0
      1. laurentino83 > Utilisateur anonyme
         
        Salut boulepate,
        effectivement, je n'arrive pas à effectuer les mises à jours window.
        toujours le même N° erreur (Numéro d'erreur : 0x80070002)

        @+
        0