[virus] infecté pat trojan

Résolu
michel88 Messages postés 15 Statut Membre -  
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   -
bojour
j'ai depuis peu des pages webs qui s'ouvrent toutes seules (casino, sexe, anti virus etc) jai comme on me l'a conseille fait la methode preliminaire de desinfection avec ewido puis bitdefender et enfin avec hijackhis. dans les rapports je vois infecte avec trojan mais je n'y comprend rien pouvez vous m'aider?voici les rapports

BitDefender Online Scanner

Scan report generated at: Wed, Oct 25, 2006 - 22:19:20

Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;

Statistics

Time
01:13:20

Files
436230

Folders
6264

Boot Sectors
3

Archives
16279

Packed Files
53416

Results

Identified Viruses
8

Infected Files
15

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
13

Engines Info

Virus Definitions
478767

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
Infected with: GenPack:Trojan.Swizzor.HH

C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
Delete failed

C:\Documents and Settings\amelie\Application Data\Type Camp Roam\toolhtm.exe
Infected with: GenPack:Trojan.Swizzor.LZ

C:\Documents and Settings\amelie\Application Data\Type Camp Roam\toolhtm.exe
Disinfection failed

C:\Documents and Settings\amelie\Application Data\Type Camp Roam\toolhtm.exe
Delete failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP12.0
Infected with: GenPack:Trojan.Downloader.Swizzor.DB

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP12.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP12.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP3.0
Infected with: GenPack:Trojan.Downloader.Swizzor.BO

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP3.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP3.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP4.0
Infected with: GenPack:Trojan.Downloader.Swizzor.BO

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP4.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP4.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP6.0
Infected with: GenPack:Trojan.Downloader.Swizzor.DB

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP6.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP6.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP7.0
Infected with: Trojan.Swizzor.DH

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP7.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP7.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP9.0
Infected with: Trojan.Swizzor.DH

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP9.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMP9.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPB.0
Infected with: GenPack:Trojan.Downloader.Swizzor.CB

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPB.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPB.0
Deleted

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPC.0
Infected with: GenPack:Trojan.Downloader.Swizzor.CB

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPC.0
Disinfection failed

C:\Documents and Settings\Michel et Colette\Local Settings\Temp\TMPC.0
Deleted

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102770.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102770.exe
Disinfection failed

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102770.exe
Deleted

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102771.exe
Infected with: Trojan.Swizzor.CN

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102771.exe
Disinfection failed

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102771.exe
Deleted

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102772.exe
Infected with: GenPack:Trojan.Swizzor.HH

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102772.exe
Deleted

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102773.exe
Infected with: GenPack:Trojan.Downloader.Swizzor.GC

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102773.exe
Disinfection failed

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102773.exe
Deleted

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102774.exe
Infected with: Trojan.Swizzor.CN

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102774.exe
Disinfection failed

C:\System Volume Information\_restore{8CB5D8F0-D299-4EC3-A173-ECBDA009E3CE}\RP464\A0102774.exe
Deleted
Logfile of HijackThis v1.99.1
Scan saved at 23:34:40, on 25/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\av_fw\FSGUI\fsguiexe.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX00.922\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT

cnx|PARAM


O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/CursorManiaFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

merci d'avance

11 réponses

  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Slt,

    Fais ce qui suit
    stp
    merci

    Télécharge Blacklight(de F-Secure) a l’une des 2 adresses :
    https://www.f-secure.com/en
    https://www.f-secure.com/en

    et sauvegarde le sur ton Bureau.

    Double-clique blbeta.exeet accepte la licence ; laisse [X]scan through Windows Explorer activé ; clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

    A++
    0
    1. michel88 Messages postés 15 Statut Membre
       
      slt, merci pour ta reponse rapide; voici le rapport de blacklight

      10/26/06 17:59:05 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 17:59:05 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 17:59:06 [Note]: 7019 4
      10/26/06 17:59:06 [Note]: 7005 0
      10/26/06 17:59:12 [Note]: 7006 0
      10/26/06 17:59:12 [Note]: 7011 1028
      10/26/06 17:59:12 [Note]: 7026 0
      10/26/06 17:59:12 [Note]: 7026 0
      10/26/06 17:59:12 [Note]: 7024 3
      10/26/06 17:59:12 [Info]: Hidden process: C:\windows\system32\aorcwx.exe
      10/26/06 17:59:12 [Note]: FSRAW library version 1.7.1020
      10/26/06 18:04:36 [Info]: Hidden file: c:\WINDOWS\Prefetch\AORCWX.EXE-1C200170.pf
      10/26/06 18:04:36 [Note]: 10002 1
      10/26/06 18:05:09 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.dat
      10/26/06 18:05:09 [Note]: 10002 1
      10/26/06 18:05:09 [Info]: Hidden file: C:\windows\system32\aorcwx.exe
      10/26/06 18:05:09 [Note]: 10002 1
      10/26/06 18:05:10 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx_nav.dat
      10/26/06 18:05:10 [Note]: 10002 1
      10/26/06 18:05:10 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx_navps.dat
      10/26/06 18:05:10 [Note]: 10002 1

      a+
      0
  2. Utilisateur anonyme
     
    Salut,

    fait ces deux choses stp

    Télécharges Blacklight et sauvegarde le sur ton bureau.
    https://www.f-secure.com/en
    Double cliques sur " blbeta.exe " et acceptes la licence; clic sur "Scan" puis "Next"

    Un rapport, va se créer sur ton bureau "fslb-....."

    Copies et colles le contenu de ce rapport ici.

    Ne touche à rien d'autre!

    et

    Télécharge lopxp:
    http://pageperso.aol.fr/balltrap34/lopxp.zip

    dézippe-le sur ton bureau puis double-clic sur le fichier "lopxp.bat"
    quand il à terminé, un rapport s'ouvre : fais un copier-coller puis mets le ici

    0
    1. michel88 Messages postés 15 Statut Membre
       
      salut, merci pour ton intervention rapide
      voici les rapports demandes
      10/26/06 17:59:05 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 17:59:05 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 17:59:06 [Note]: 7019 4
      10/26/06 17:59:06 [Note]: 7005 0
      10/26/06 17:59:12 [Note]: 7006 0
      10/26/06 17:59:12 [Note]: 7011 1028
      10/26/06 17:59:12 [Note]: 7026 0
      10/26/06 17:59:12 [Note]: 7026 0
      10/26/06 17:59:12 [Note]: 7024 3
      10/26/06 17:59:12 [Info]: Hidden process: C:\windows\system32\aorcwx.exe
      10/26/06 17:59:12 [Note]: FSRAW library version 1.7.1020
      10/26/06 18:04:36 [Info]: Hidden file: c:\WINDOWS\Prefetch\AORCWX.EXE-1C200170.pf
      10/26/06 18:04:36 [Note]: 10002 1
      10/26/06 18:05:09 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.dat
      10/26/06 18:05:09 [Note]: 10002 1
      10/26/06 18:05:09 [Info]: Hidden file: C:\windows\system32\aorcwx.exe
      10/26/06 18:05:09 [Note]: 10002 1
      10/26/06 18:05:10 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx_nav.dat
      10/26/06 18:05:10 [Note]: 10002 1
      10/26/06 18:05:10 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx_navps.dat
      10/26/06 18:05:10 [Note]: 10002 1


      Rapport fait à 18:16:36,17 le 26/10/2006

      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\All Users\Application Data

      27/06/2006 20:01 <REP> Windows Genuine Advantage
      16/05/2006 20:53 <REP> FreeTest
      01/05/2006 16:28 <REP> WinAntiVirus Pro 2006
      31/03/2006 21:17 <REP> nView_Profiles
      03/10/2005 17:33 <REP> Messenger Plus!
      08/05/2005 17:51 <REP> QuickTime
      18/03/2005 14:54 <REP> SBT
      05/03/2005 16:39 <REP> Macrovision
      12/02/2005 22:21 <REP> OD2
      30/01/2005 14:03 <REP> Cake Global Frag Flag
      29/01/2005 16:23 <REP> Hewlett-Packard
      29/01/2005 16:15 1279 hpzinstall.log
      31/12/2004 13:39 62 desktop.ini
      31/12/2004 13:37 <REP> .
      31/12/2004 13:37 <REP> ..
      31/12/2004 13:37 <REP> Microsoft
      31/12/2004 12:52 <REP> McAfee.com
      31/12/2004 12:51 <REP> SBSI
      2 fichier(s) 1341 octets
      16 R‚p(s) 186661220352 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\amelie\Application Data

      15/07/2006 16:26 <REP> WholeSecurity
      03/06/2006 11:02 <REP> PVC
      03/06/2006 09:53 <REP> Ahead
      25/05/2006 16:42 <REP> Wannadoo
      06/05/2006 17:05 <REP> Lavasoft
      30/04/2006 11:57 <REP> Memo Sixth Site
      05/03/2006 14:10 <REP> Real
      28/02/2006 11:38 <REP> eConf
      29/01/2006 11:26 <REP> ispnews
      25/01/2006 17:01 <REP> HbTools
      19/10/2005 15:40 <REP> Google
      14/10/2005 19:51 <REP> Musicmatch
      08/05/2005 18:00 <REP> OLYMPUS
      06/04/2005 21:12 <REP> Creative
      06/04/2005 21:11 <REP> ArcSoft
      21/02/2005 15:59 <REP> OD2
      06/02/2005 20:08 <REP> Help
      30/01/2005 14:02 <REP> Type Camp Roam
      29/01/2005 21:19 <REP> Macromedia
      28/01/2005 20:04 <REP> Logitech
      28/01/2005 20:04 62 desktop.ini
      28/01/2005 20:04 <REP> Adobe
      28/01/2005 20:04 <REP> Identities
      28/01/2005 20:04 <REP> InterTrust
      28/01/2005 20:04 <REP> Microsoft
      28/01/2005 20:04 <REP> ..
      28/01/2005 20:04 <REP> .
      1 fichier(s) 62 octets
      26 R‚p(s) 186661208064 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\Default User\Application Data

      28/01/2005 19:37 <REP> Adobe
      28/01/2005 19:37 <REP> InterTrust
      31/12/2004 13:39 62 desktop.ini
      31/12/2004 13:37 <REP> Microsoft
      31/12/2004 13:37 <REP> ..
      31/12/2004 13:37 <REP> .
      31/12/2004 12:46 <REP> Identities
      1 fichier(s) 62 octets
      6 R‚p(s) 186661208064 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\Michel et Colette\Application Data

      14/09/2006 18:01 <REP> ZangoToolbar
      14/07/2006 19:06 <REP> WholeSecurity
      05/06/2006 14:59 <REP> Steinberg
      31/05/2006 20:08 <REP> Ahead
      29/05/2006 18:20 <REP> PVC
      04/05/2006 20:19 <REP> Lavasoft
      01/05/2006 16:28 <REP> WinAntiVirus Pro 2006
      04/03/2006 21:31 <REP> Real
      27/02/2006 21:15 <REP> eConf
      20/02/2006 18:59 <REP> Wannadoo
      28/01/2006 23:20 <REP> ispnews
      05/12/2005 19:36 <REP> OLYMPUS
      22/11/2005 21:59 <REP> Google
      06/04/2005 20:52 <REP> Creative
      07/03/2005 19:45 <REP> Help
      12/02/2005 22:22 <REP> OD2
      30/01/2005 21:40 <REP> Sun
      30/01/2005 15:38 <REP> Microsoft Web Folders
      29/01/2005 20:29 <REP> Macromedia
      28/01/2005 20:53 <REP> Logitech
      28/01/2005 19:38 62 desktop.ini
      28/01/2005 19:38 <REP> Adobe
      28/01/2005 19:38 <REP> Identities
      28/01/2005 19:38 <REP> InterTrust
      28/01/2005 19:38 <REP> ..
      28/01/2005 19:38 <REP> .
      28/01/2005 19:38 <REP> Microsoft
      1 fichier(s) 62 octets
      26 R‚p(s) 186661203968 octets libres
      ******************************************
      Recherche des taches planifiées dans C:\WINDOWS\tasks

      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\WINDOWS\Tasks

      20/05/2006 11:57 266 AFA771D09184E22C.job
      28/01/2006 23:23 588 Scheduled scanning task.job
      31/12/2004 13:27 65 desktop.ini
      31/12/2004 12:48 6 SA.DAT
      31/12/2004 12:44 <REP> ..
      31/12/2004 12:44 <REP> .
      4 fichier(s) 925 octets
      2 R‚p(s) 186ÿ661ÿ203ÿ968 octets libres

      ******************************************
      Recherche dans Program files


      C:\Program Files\C2Media Présent !

      *************** Fin du rapport ****************
      merci pour ton aide et a+
      0
  3. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    on continue

    B'jour Boule............ lol

    Télécharge Brute Force Uninstaller (de Merijn) ici:
    http://www.merijn.org/files/bfu.zip
    Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU.
    Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)

    Ensuite, télécharge EGDACCESS.bfu (de Metallica) :

    Fais un clik droit ici : http://metallica.geekstogo.com/EGDACCESS.bfu et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

    Si tu utilises Internet Explorer, assure-toi lors de la sauvegarde que le champs "Type :" affiche "Tous les fichiers".
    Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

    Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
    - Clique sur le petit dossier jaune, et clique sur : EGDACCESS.bfu
    - Coches la case Show log after script ends
    - Clique sur Execute pour que le fix fasse son boulot :-)

    Attends que le message Complete script execution apparaîsse et clique sur OK.
    Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
    Clique Exit pour fermer le programme BFU.

    ==========================================

    Ensuite, lance Blacklight en double cliquant sur blbeta.exe et accepte la licence.
    Clique sur Scan pour lancer l'analyse.
    Une fois fait, sélectionnes chaque fichiers trouvés et clic sur "RENAME"
    Puis valide.
    Réponds oui aux messages d'avertissements et te demandant si tu autorises le reboot du pc.

    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

    Après le reboot du pc, les fichiers :

    c:\WINDOWS\system32\aorcwx.dat
    C:\windows\system32\aorcwx.exe
    c:\WINDOWS\system32\aorcwx_nav.dat
    c:\WINDOWS\system32\aorcwx_navps.dat


    devraient être visible et pouvoir être supprimés sans aucuns soucis.
    Blacklight ne les supprimes pas, il les renomme simplement et il va falloir que tu les vires toi-même:
    Va dans C:\windows\system32\ et recherches et effaces:

    aorcwx.dat .ren
    aorcwx.exe.ren
    aorcwx_nav.dat.ren
    aorcwx_navps.dat.ren


    Cherche et supprime ce qui est en gras

    c:\WINDOWS\Prefetch\AORCWX.EXE-1C200170.pf.ren

    Une fois fait, reposte un rapport hijackthis et un nouveau rapport de blacklight.

    0
  4. Utilisateur anonyme
     
    BONJOUR MARIE !
    0
    1. michel88 Messages postés 15 Statut Membre
       
      resalut
      ,j'ai effectuer les operatios apres le reboot du pc je n'ai truver aucun fichiers
      rapports joints
      Logfile of HijackThis v1.99.1
      Scan saved at 20:39:14, on 26/10/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
      C:\PROGRA~1\INCRED~1\bin\IMApp.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\Logitech\SetPoint\KEM.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
      C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
      C:\WINDOWS\system32\HPZipm12.exe
      c:\progra~1\intern~1\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Wanadoo\EspaceWanadoo.exe
      C:\Program Files\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\Program Files\Wanadoo\Watch.exe
      C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX01.734\HijackThis.exe
      C:\Program Files\Internet Explorer\iexplore.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
      O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
      O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
      O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
      O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
      O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
      O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [aorcwx] c:\windows\system32\aorcwx.exe aorcwx
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT
      cnx|PARAM

      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
      O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
      O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
      O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
      O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/
      O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
      O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
      O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
      O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      10/26/06 20:18:01 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 20:18:01 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 20:18:01 [Note]: 7019 4
      10/26/06 20:18:01 [Note]: 7005 0
      10/26/06 20:18:03 [Note]: 7006 0
      10/26/06 20:18:03 [Note]: 7011 1028
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:07 [Note]: FSRAW library version 1.7.1020
      10/26/06 20:25:00 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.exe
      10/26/06 20:25:00 [Note]: 10002 1
      10/26/06 20:28:36 [Note]: 7007 0
      [ Continuer la discussion ][ Répondre à michel88 ]
      [ Alerter un modérateur ][ Autres messages de michel88 ][ Editer le message ]

      < 8 > - [virus] infecté pat trojan
      Ajouté par michel88 (26/10/2006 à 20:45 GMT+2)
      resalut
      ,j'ai effectuer les operatios apres le reboot du pc je n'ai truver aucun fichiers
      rapports joints
      Logfile of HijackThis v1.99.1
      Scan saved at 20:39:14, on 26/10/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
      C:\PROGRA~1\INCRED~1\bin\IMApp.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\Logitech\SetPoint\KEM.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
      C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
      C:\WINDOWS\system32\HPZipm12.exe
      c:\progra~1\intern~1\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Wanadoo\EspaceWanadoo.exe
      C:\Program Files\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\Program Files\Wanadoo\Watch.exe
      C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX01.734\HijackThis.exe
      C:\Program Files\Internet Explorer\iexplore.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
      O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
      O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
      O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
      O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
      O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
      O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [aorcwx] c:\windows\system32\aorcwx.exe aorcwx
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT
      cnx|PARAM

      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
      O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
      O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
      O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
      O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/
      O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
      O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
      O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
      O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      10/26/06 20:18:01 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 20:18:01 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 20:18:01 [Note]: 7019 4
      10/26/06 20:18:01 [Note]: 7005 0
      10/26/06 20:18:03 [Note]: 7006 0
      10/26/06 20:18:03 [Note]: 7011 1028
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:07 [Note]: FSRAW library version 1.7.1020
      10/26/06 20:25:00 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.exe
      10/26/06 20:25:00 [Note]: 10002 1
      10/26/06 20:28:36 [Note]: 7007 0
      0
    2. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
       
      Sépare bien les rapport STP

      Regarde + bas j'ai posté au <10> merci de faire les manips.

      a+
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    lol

    J'ai pas pu résister

    celui-là https://www.cjoint.com/?kAsPcEcfKY

    ou celui-là https://www.cjoint.com/?kAsP01kaEU

    ça fait du bien == > https://www.cjoint.com/?kAsQyxAYvc
    0
    1. michel88 Messages postés 15 Statut Membre
       
      resalut
      ,j'ai effectuer les operatios apres le reboot du pc je n'ai truver aucun fichiers
      rapports joints
      Logfile of HijackThis v1.99.1
      Scan saved at 20:39:14, on 26/10/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
      C:\PROGRA~1\INCRED~1\bin\IMApp.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\Logitech\SetPoint\KEM.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
      C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
      C:\WINDOWS\system32\HPZipm12.exe
      c:\progra~1\intern~1\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Wanadoo\EspaceWanadoo.exe
      C:\Program Files\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\Program Files\Wanadoo\Watch.exe
      C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX01.734\HijackThis.exe
      C:\Program Files\Internet Explorer\iexplore.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
      O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
      O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
      O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
      O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
      O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
      O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [aorcwx] c:\windows\system32\aorcwx.exe aorcwx
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT
      cnx|PARAM

      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
      O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
      O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
      O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
      O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/
      O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
      O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
      O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
      O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      10/26/06 20:18:01 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 20:18:01 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 20:18:01 [Note]: 7019 4
      10/26/06 20:18:01 [Note]: 7005 0
      10/26/06 20:18:03 [Note]: 7006 0
      10/26/06 20:18:03 [Note]: 7011 1028
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:03 [Note]: 7026 0
      10/26/06 20:18:07 [Note]: FSRAW library version 1.7.1020
      10/26/06 20:25:00 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.exe
      10/26/06 20:25:00 [Note]: 10002 1
      10/26/06 20:28:36 [Note]: 7007 0
      0
  7. michel88 Messages postés 15 Statut Membre
     
    resalut
    ,j'ai effectuer les operatios apres le reboot du pc je n'ai truver aucun fichiers
    rapports joints
    Logfile of HijackThis v1.99.1
    Scan saved at 20:39:14, on 26/10/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
    C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
    C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
    C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
    C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX01.734\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
    O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
    O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [aorcwx] c:\windows\system32\aorcwx.exe aorcwx
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT

    cnx|PARAM


    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
    O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/CursorManiaFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
    O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
    O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
    O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    10/26/06 20:18:01 [Info]: BlackLight Engine 1.0.47 initialized
    10/26/06 20:18:01 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    10/26/06 20:18:01 [Note]: 7019 4
    10/26/06 20:18:01 [Note]: 7005 0
    10/26/06 20:18:03 [Note]: 7006 0
    10/26/06 20:18:03 [Note]: 7011 1028
    10/26/06 20:18:03 [Note]: 7026 0
    10/26/06 20:18:03 [Note]: 7026 0
    10/26/06 20:18:07 [Note]: FSRAW library version 1.7.1020
    10/26/06 20:25:00 [Info]: Hidden file: c:\WINDOWS\system32\aorcwx.exe
    10/26/06 20:25:00 [Note]: 10002 1
    10/26/06 20:28:36 [Note]: 7007 0
    0
  8. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
     
    slt,

    Télécharge: Pocket Killbox ici
    http://www.downloads.subratam.org/KillBox.exe

    :: Démo d utilisation (merci a Balltrap34 pour cette réalisation) ::
    http://pageperso.aol.fr/balltrap34/killbox.htm

    Regarde la méthode du bloc note et fais pareil avec cette ligne :

    c:\WINDOWS\system32\aorcwx.exe

    Ensuite, redemarre ton PC et remet un rapport Blacklight comme tu viens de faire.

    Ensuite tu peux me remettre un rapport de lopXP cité au <2> STP

    a+

    0
    1. michel88 Messages postés 15 Statut Membre
       
      bonsoir,merci pour ton aide voici le rapport blacklight


      10/26/06 21:15:39 [Info]: BlackLight Engine 1.0.47 initialized
      10/26/06 21:15:39 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      10/26/06 21:15:39 [Note]: 7019 4
      10/26/06 21:15:39 [Note]: 7005 0
      10/26/06 21:15:42 [Note]: 7006 0
      10/26/06 21:15:42 [Note]: 7011 2652
      10/26/06 21:15:42 [Note]: 7026 0
      10/26/06 21:15:42 [Note]: 7026 0
      10/26/06 21:15:52 [Note]: FSRAW library version 1.7.1020


      a+
      0
    2. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
       
      Remet un rapport LopXP ainsi qu'un log Hijack a la suite.(bien séparé STP).

      a+
      0
    3. michel88 Messages postés 15 Statut Membre
       
      voici la suite rapport de lopxp


      Rapport fait à 21:28:08,90 le 26/10/2006

      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\All Users\Application Data

      27/06/2006 20:01 <REP> Windows Genuine Advantage
      16/05/2006 20:53 <REP> FreeTest
      01/05/2006 16:28 <REP> WinAntiVirus Pro 2006
      31/03/2006 21:17 <REP> nView_Profiles
      03/10/2005 17:33 <REP> Messenger Plus!
      08/05/2005 17:51 <REP> QuickTime
      18/03/2005 14:54 <REP> SBT
      05/03/2005 16:39 <REP> Macrovision
      12/02/2005 22:21 <REP> OD2
      30/01/2005 14:03 <REP> Cake Global Frag Flag
      29/01/2005 16:23 <REP> Hewlett-Packard
      29/01/2005 16:15 1279 hpzinstall.log
      31/12/2004 13:39 62 desktop.ini
      31/12/2004 13:37 <REP> .
      31/12/2004 13:37 <REP> ..
      31/12/2004 13:37 <REP> Microsoft
      31/12/2004 12:52 <REP> McAfee.com
      31/12/2004 12:51 <REP> SBSI
      2 fichier(s) 1341 octets
      16 R‚p(s) 187617148928 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\amelie\Application Data

      15/07/2006 16:26 <REP> WholeSecurity
      03/06/2006 11:02 <REP> PVC
      03/06/2006 09:53 <REP> Ahead
      25/05/2006 16:42 <REP> Wannadoo
      06/05/2006 17:05 <REP> Lavasoft
      30/04/2006 11:57 <REP> Memo Sixth Site
      05/03/2006 14:10 <REP> Real
      28/02/2006 11:38 <REP> eConf
      29/01/2006 11:26 <REP> ispnews
      25/01/2006 17:01 <REP> HbTools
      19/10/2005 15:40 <REP> Google
      14/10/2005 19:51 <REP> Musicmatch
      08/05/2005 18:00 <REP> OLYMPUS
      06/04/2005 21:12 <REP> Creative
      06/04/2005 21:11 <REP> ArcSoft
      21/02/2005 15:59 <REP> OD2
      06/02/2005 20:08 <REP> Help
      30/01/2005 14:02 <REP> Type Camp Roam
      29/01/2005 21:19 <REP> Macromedia
      28/01/2005 20:04 <REP> Logitech
      28/01/2005 20:04 62 desktop.ini
      28/01/2005 20:04 <REP> Adobe
      28/01/2005 20:04 <REP> Identities
      28/01/2005 20:04 <REP> InterTrust
      28/01/2005 20:04 <REP> Microsoft
      28/01/2005 20:04 <REP> ..
      28/01/2005 20:04 <REP> .
      1 fichier(s) 62 octets
      26 R‚p(s) 187617148928 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\Default User\Application Data

      28/01/2005 19:37 <REP> Adobe
      28/01/2005 19:37 <REP> InterTrust
      31/12/2004 13:39 62 desktop.ini
      31/12/2004 13:37 <REP> Microsoft
      31/12/2004 13:37 <REP> ..
      31/12/2004 13:37 <REP> .
      31/12/2004 12:46 <REP> Identities
      1 fichier(s) 62 octets
      6 R‚p(s) 187617148928 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\Documents and Settings\Michel et Colette\Application Data

      14/09/2006 18:01 <REP> ZangoToolbar
      14/07/2006 19:06 <REP> WholeSecurity
      05/06/2006 14:59 <REP> Steinberg
      31/05/2006 20:08 <REP> Ahead
      29/05/2006 18:20 <REP> PVC
      04/05/2006 20:19 <REP> Lavasoft
      01/05/2006 16:28 <REP> WinAntiVirus Pro 2006
      04/03/2006 21:31 <REP> Real
      27/02/2006 21:15 <REP> eConf
      20/02/2006 18:59 <REP> Wannadoo
      28/01/2006 23:20 <REP> ispnews
      05/12/2005 19:36 <REP> OLYMPUS
      22/11/2005 21:59 <REP> Google
      06/04/2005 20:52 <REP> Creative
      07/03/2005 19:45 <REP> Help
      12/02/2005 22:22 <REP> OD2
      30/01/2005 21:40 <REP> Sun
      30/01/2005 15:38 <REP> Microsoft Web Folders
      29/01/2005 20:29 <REP> Macromedia
      28/01/2005 20:53 <REP> Logitech
      28/01/2005 19:38 62 desktop.ini
      28/01/2005 19:38 <REP> Adobe
      28/01/2005 19:38 <REP> Identities
      28/01/2005 19:38 <REP> InterTrust
      28/01/2005 19:38 <REP> ..
      28/01/2005 19:38 <REP> .
      28/01/2005 19:38 <REP> Microsoft
      1 fichier(s) 62 octets
      26 R‚p(s) 187617144832 octets libres
      ******************************************
      Recherche des taches planifiées dans C:\WINDOWS\tasks

      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 8424-AE52

      R‚pertoire de C:\WINDOWS\Tasks

      20/05/2006 11:57 266 AFA771D09184E22C.job
      28/01/2006 23:23 588 Scheduled scanning task.job
      31/12/2004 13:27 65 desktop.ini
      31/12/2004 12:48 6 SA.DAT
      31/12/2004 12:44 <REP> ..
      31/12/2004 12:44 <REP> .
      4 fichier(s) 925 octets
      2 R‚p(s) 187ÿ617ÿ144ÿ832 octets libres

      ******************************************
      Recherche dans Program files


      C:\Program Files\C2Media Présent !

      *************** Fin du rapport ****************
      0
    4. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
       
      Le log Hijack STP

      0
    5. michel88 Messages postés 15 Statut Membre
       
      re,
      voici l'autre rapport

      Logfile of HijackThis v1.99.1
      Scan saved at 21:36:09, on 26/10/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
      C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
      C:\WINDOWS\System32\FTRTSVC.exe
      C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
      C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
      C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\system32\RunDll32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
      C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe
      C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
      C:\Program Files\Securitoo\av_fw\backweb\8520111\Program\fspex.exe
      C:\Program Files\Securitoo\av_fw\FSGUI\fsguiexe.exe
      C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\Program Files\ewido anti-spyware 4.0\ewido.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
      C:\PROGRA~1\INCRED~1\bin\IMApp.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Logitech\SetPoint\KEM.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
      C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
      C:\WINDOWS\system32\HPZipm12.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\WinRAR\WinRAR.exe
      C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\Rar$EX00.859\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
      O2 - BHO: (no name) - {811693D2-3747-722A-AAF5-6EB528A5091A} - C:\DOCUME~1\amelie\APPLIC~1\MEMOSI~1\Build ball.exe (file missing)
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: NavHelper Class - {C1E58A84-95B3-4630-B8C2-D06B77B7A0FC} - C:\Program Files\NavExcel\NavHelper\v1.0\NHelper.dll (file missing)
      O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\Fenpowernet.exe
      O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
      O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
      O4 - HKLM\..\Run: [FSASWREG] "C:\Program Files\Securitoo\av_fw\Anti-Spyware\fsaswreg.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
      O4 - HKLM\..\Run: [frag flag wait ford] C:\Documents and Settings\All Users\Application Data\Cake Global Frag Flag\SlowBows.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [aorcwx] c:\windows\system32\aorcwx.exe aorcwx
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT

      cnx|PARAM


      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
      O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe
      O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
      O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
      O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
      O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
      O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://www2.ac-nancy-metz.fr/qp2.cab
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/CursorManiaFWBInitialSetup1.0.0.8-2.cab
      O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
      O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
      O16 - DPF: {FD31BF07-70E3-4B98-8F70-0970AF614275} (HTPlayer Class) - http://www.hot-tv.com/cab/HotTVPlayer.cab
      O18 - Protocol: bw+0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {2FE305C3-0D62-4B2C-AECF-F22E652EA8AC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\av_fw\backweb\8520111\Program\SERVIC~1.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\8520111\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      0
  9. Utilisateur anonyme
     
    Salut,

    d'après ton rapport Lop tu es encore infecté..

    Pas besoin de réactiver France Telecom routing..
    0
  10. michel88 Messages postés 15 Statut Membre
     
    ha bon ! peut on y remedier, merci
    0
  11. michel88 Messages postés 15 Statut Membre
     
    est ce toujour la même chose pourtant je n'ai plus de pages web intempestives
    0
  12. Utilisateur anonyme
     
    Salut,

    Pour afficher tous les dossiers et fichiers cachés;

    Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
    "
    Coche:
    ¤ afficher les fichiers et dossiers cachés
    Clic sur "appliquer" puis "ok"

    ____
    Clic sur démarrer, poste de travail, C:, documents and settings, all users, application data et supprime ces dossiers

    FreeTest
    WinAntiVirus Pro 2006
    Cake Global Frag Flag

    même chose avec le dossier "Amélie"

    Memo Sixth Site
    HbTools
    Type Camp Roam

    même chose avec le dossier "Michel et Colette"

    ZangoToolbar
    Steinberg
    WinAntiVirus Pro 20006

    Voila :-)
    0
    1. michel88 Messages postés 15 Statut Membre
       
      salut, et merci bon week end
      0
    2. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
       
      désolé pour le retard !

      Tu peux remettre un rapport lopXP ainsi qu'un log hijack STP

      PS : Merci Boule ;-)

      a+
      0