(Virus] W32/Bagle-KJ

Re bonjour !!!
Autant de virus, j'ai honte !!!!!! je stoppe Emule pour l'instant.
Pour Avast c'etait un oubli, rectifié hier. Malheureusement au redemarrage de l'ordi ce soir il ne fonctionne plus et impossible de le reinstaller. Idem pour Kerio que je dois reinstaller a chaque redemarrage.
Voici le rapport BitDefender :



BitDefender Online Scanner







Scan report generated at: Sun, Aug 27, 2006 - 23:27:00









Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;















Statistics

Time


04:40:02

Files


718820

Folders


10932

Boot Sectors


6

Archives


14741

Packed Files


50673







Results

Identified Viruses


7

Infected Files


16

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


13







Engines Info

Virus Definitions


450994

Engine build


AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins


13

Archive plugins


39

Unpack plugins


5

E-mail plugins


6

System plugins


1







Scan Settings

First Action


Disinfect

Second Action


Delete

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


*;

Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes








Scanned File


Status

C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


Infected with: Trojan.Dropper.Delf.VT

C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


Disinfection failed

C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


Deleted

C:\temp.zip=>qbjefecl.exe


Infected with: Win32.Bagle.FG@mm

C:\temp.zip=>qbjefecl.exe


Disinfection failed

C:\temp.zip=>qbjefecl.exe


Deleted

C:\temp.zip


Updated

C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


Infected with: Trojan.Dropper.Delf.VT

C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


Disinfection failed

C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


Deleted

C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar


Update failed

F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


Infected with: Win32.Bagle.FG@mm

F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


Disinfection failed

F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


Delete failed

F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


Infected with: Trojan.Downloader.Bagle.BG

F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


Disinfection failed

F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


Delete failed

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


Infected with: Win32.Bagle.FQ@mm

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


Disinfection failed

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


Deleted

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


Infected with: Trojan.Downloader.Bagle.BG

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


Disinfection failed

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


Deleted

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


Infected with: Trojan.Downloader.Bagle.BG

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


Disinfection failed

F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


Deleted

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


Infected with: Win32.Bagle.FG@mm

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


Disinfection failed

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


Deleted

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


Update failed

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


Infected with: Win32.Bagle.FG@mm

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


Disinfection failed

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


Deleted

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


Update failed

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


Infected with: Win32.Bagle.FG@mm

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


Disinfection failed

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


Deleted

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)


Updated

F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


Update failed

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


Infected with: Win32.Worm.Mybot.JE

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


Disinfection failed

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


Deleted

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


Infected with: Virtool.Hidewindows.O

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


Disinfection failed

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


Deleted

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


Infected with: Win32.Bagle.FG@mm

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


Disinfection failed

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


Deleted

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


Infected with: Win32.Bagle.FG@mm

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


Disinfection failed

F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


Deleted

F:\WINDOWS\system32\wintems.exe


Infected with: Win32.Bagle.FQ@mm

F:\WINDOWS\system32\wintems.exe


Disinfection failed

F:\WINDOWS\system32\wintems.exe


Delete failed

Re !!

Je me sers de
Ewido, Spybot, Ad-aware, Avast qd le virus arretera de le desinstaller à chaque redémarrage.

Le dernier scan chez Bit defender est posté juste ci-dessus. Je peux en refaire un plus recent, mais il faudra du temps ...

Voila ce que dit HIt Jack :

Logfile of HijackThis v1.99.1
Scan saved at 20:22:31, on 30/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\Tablet.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\WINDOWS\System32\LVCOMSX.EXE
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Program Files\SPAMfighter\SFAgent.exe
F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Logitech\MouseWare\System\em_exec.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Outlook Express\msimn.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

Prête pour l'extermination de tous les virus !!!!!!! :o))
a+

ok, rien ne sera supprimé sauf si je te l'indique!

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"


O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ? < si tu connais laisse le
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)


Clic sur demarrer, executer, tape: services.msc ,dans la liste regle les lignes ci-dessous comme suit:

"desactivé"

Webroot Spy Sweeper Engine
SymWMI Service
Speed Disk service
Defragmentation Management Handler



Fait ou refait ce nettoyage:

Fais ce nettoyage: (à faire réguliérement)

¤Telecharges et installes ceci:
CCleaner:
Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"



Comme tu avais la restauration de ton PC infecté on va creer un nouveau point propre, voir ci-dessous (a faire sur chaques disque dur/partition)


Alors ceci; C:\System Volume Information\_restore"(voir rapport bitdefender) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
¤ decoches la case et clic sur "appliquer" puis "ok".

Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.


Affiche tous les dossiers et fichiers cachés;

Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
"
Coche:
¤ afficher les fichiers et dossiers cachés
Clic sur "appliquer" puis "ok"

Clic sur demarrer, rechercher, cherche et supprime ce fichier si présent:

dfrgfat32.exe


Clic sur demarrer, poste de travail, C:, all users, application data, cherche et supprime ce dossier:

m <


**

Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement


Dès que c'est fait remet un rapport hijackthis stp

re !!

O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ? ** c'est un petit programme pour ma souris, no stress ;)

dfrgfat32.exe et le dossier m < introuvables.

HitJack dit :
Logfile of HijackThis v1.99.1
Scan saved at 21:52:55, on 30/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
F:\WINDOWS\System32\Tablet.exe
F:\WINDOWS\System32\LVCOMSX.EXE
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Program Files\SPAMfighter\SFAgent.exe
F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\Logitech\MouseWare\System\em_exec.exe
F:\Program Files\Outlook Express\msimn.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

PS : tu as raison pour Ccleaner, je l'avais mais je ne m'en sers pas assez !!

lol, ok pas de probléme, bonne nuit à toi ;-)

++

Ok alors c'est reparti pour un tour de scan chez Bit Defender !!

Vu le temps que ca prends je te dis bonne nuit et je colle le rapport demain avant d'aller travailler !!

:o))

Dac', bonne nuit à toi puis à demain alors ;-)