Trojan horse downloader.generic2.MUZ

Résolu
marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention   -  
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
bonjour,
je souhaiterais savoir si quelqu'un pouvait m'aider a eliminer un trojan horse downloader.generic2.MUZ
j'ai effectué une analyse avec AVG anti-spyware et une avec hijack this.
merci d'avance

16 réponses

  1. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    # Télécharge ceci: (merci a S!RI pour ce petit programme).

    http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
    voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
    il va générer un rapport : copie/colle le sur le poste stp.

    0
    1. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
       
      salut
      voici le rapport
      SmitFraudFix v2.128

      Rapport fait à 22:11:00,08, 05/12/2006
      Executé à partir de C:\Documents and Settings\G‚rald\Bureau\SmitfraudFix
      OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
      Le type du système de fichiers est NTFS
      Fix executé en mode normal

      »»»»»»»»»»»»»»»»»»»»»»»» C:\


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\G‚rald


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\G‚rald\Application Data


      »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


      »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\GRALD~1\Favoris


      »»»»»»»»»»»»»»»»»»»»»»»» Bureau


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


      »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


      »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
      "Source"="About:Home"
      "SubscribedURL"="About:Home"
      "FriendlyName"="Ma page d'accueil"


      »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      SrchSTS.exe by S!Ri
      Search SharedTaskScheduler's .dll


      »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"


      »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
      "System"=""


      »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


      »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


      »»»»»»»»»»»»»»»»»»»»»»»» Fin
      0
  2. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    ok,

    scan en ligne : colle rapport entier ( s’il y a quelque chose) :

    http://www.bitdefender.fr/bd/site/search.php#

    ensuite poste un nouveau hijackthis stp

    ++
    0
  3. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    re,
    est ce que c'est normal que bitdefender onlyne prevoit une analyse de presque 4h
    A+
    0
  4. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    ouep ! c'est pas impossible :)

    mais bon, parfois l'estimation est un peu erronée ! parfois ... :)

    ++
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    re,
    peux tu me dire si c normal qu'au bout d'un moment l'analyse s'arrete alors qu'elle n'est pas finie
    je n'arrive pas a aller au bout
    merci
    0
  7. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    des fois, ça prends des "pauses", on a l'impression que ça n'avance plus, mais c'est normal, cela dis, faut pas qu'elles prennent des heures non plus ...

    ++
    0
  8. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    ok merci
    j'espere que ca va pas prendre toute la nuit
    faut que je dorme un peu
    0
  9. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    j'espere que ca va pas prendre toute la nuit

    ça me semble bien partie :)

    je coupe pour ce soir

    ++
    0
  10. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    ok
    je t'enverrai les rapports demain
    ciao
    0
  11. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    re,
    avant coucher
    voici le rapport bitdefender
    BitDefender Online Scanner

    Rapport d'analyse généré à: Wed, Dec 06, 2006 - 00:28:25

    Voie d'analyse: A:\;C:\;D:\;

    Statistiques

    Temps
    01:34:17

    Fichiers
    534548

    Directoires
    4869

    Secteurs de boot
    2

    Archives
    3268

    Paquets programmes
    69133

    Résultats

    Virus identifiés
    10

    Fichiers infectés
    17

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    17

    Info sur les moteurs

    Définition virus
    324937

    Version des moteurs
    AVCORE v1.0 (build 2368) (i386) (Nov 16 2006 11:31:19)

    Analyse des plugins
    14

    Archive des plugins
    38

    Unpack des plugins
    6

    E-mail plugins
    6

    Système plugins
    1

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    *;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Infecté par: Trojan.Downloader.MSIL.A

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Infecté par: Trojan.Zapchast.DB

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Echec de la désinfection

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Supprimé

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Echec de la désinfection

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Infecté par: Trojan.Dropper.VB

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)
    Echec de la mise à jour

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Détecté avec: Adware.Popupwithcast.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)
    Echec de la mise à jour

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Détecté avec: Adware.Popupwithcast.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Infecté par: Trojan.Cmapp.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Infecté par: Trojan.Cmapp.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Infecté par: Trojan.Clicker.VB.FU

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Infecté par: Trojan.Clicker.AS

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Supprimé

    C:\WINDOWS\aff_0006.exe
    Infecté par: Trojan.Clicker.AS

    C:\WINDOWS\aff_0006.exe
    Echec de la désinfection

    C:\WINDOWS\aff_0006.exe
    Supprimé

    C:\WINDOWS\newpop06.exe
    Infecté par: Trojan.Popuper.BP

    C:\WINDOWS\newpop06.exe
    Echec de la désinfection

    C:\WINDOWS\newpop06.exe
    Supprimé

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Infecté par: Trojan.Downloader.BKK

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Echec de la désinfection

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Supprimé

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)
    Echec de la mise à jour

    ainsi que celui de hijack this

    Logfile of HijackThis v1.99.1
    Scan saved at 00:32:25, on 06/12/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Conversions Plus\FORMATM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\SmartAP_K2\iRunMon.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\System32\ElkCtrl.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\s?mbols\w?nspool.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Conversions Plus\MacName.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
    O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O15 - Trusted Zone: *.dollarrevenue.com
    O15 - Trusted Zone: *.mmohsix.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
    O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    0
  12. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    salut green day,
    je sais pas si tu as vu les rapports que je t'ai envoyé hier
    est ce ke c'est concluant?
    A+
    0
  13. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    salut,
    voici les rapports d'hier soir
    BitDefender Online Scanner

    Rapport d'analyse généré à: Wed, Dec 06, 2006 - 00:28:25

    Voie d'analyse: A:\;C:\;D:\;

    Statistiques

    Temps
    01:34:17

    Fichiers
    534548

    Directoires
    4869

    Secteurs de boot
    2

    Archives
    3268

    Paquets programmes
    69133

    Résultats

    Virus identifiés
    10

    Fichiers infectés
    17

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    17

    Info sur les moteurs

    Définition virus
    324937

    Version des moteurs
    AVCORE v1.0 (build 2368) (i386) (Nov 16 2006 11:31:19)

    Analyse des plugins
    14

    Archive des plugins
    38

    Unpack des plugins
    6

    E-mail plugins
    6

    Système plugins
    1

    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    *;

    Excludez les extensions

    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui

    Fichier analysé
    Statut

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Infecté par: Trojan.Downloader.MSIL.A

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0003
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0004
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0005
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0006
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Infecté par: Trojan.Zapchast.DB

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Echec de la désinfection

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)=>zlib_nsis0009
    Supprimé

    C:\Documents and Settings\Gérald\Local Settings\Temp\mc051706.exe=>(NSIS o)
    Echec de la mise à jour

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Echec de la désinfection

    C:\Program Files\Common Files\svchostsys\svchostsys.exe.config
    Supprimé

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Infecté par: Trojan.Downloader.MSIL.B

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Echec de la désinfection

    C:\Program Files\Common Files\svchostsys\svchostupdate.exe.config
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Infecté par: Trojan.Dropper.VB

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)=>zlib_nsis0002
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP159\A0039016.exe=>(NSIS o)=>lzma_nsis0017=>(NSIS o)
    Echec de la mise à jour

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Détecté avec: Adware.Popupwithcast.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)=>septpop06apsept.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP209\A0048966.exe=>(RAR Sfx o)
    Echec de la mise à jour

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Détecté avec: Adware.Popupwithcast.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0050128.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Infecté par: Trojan.Cmapp.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051095.dll
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Infecté par: Trojan.Cmapp.A

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP214\A0051096.dll
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Infecté par: Trojan.Clicker.VB.FU

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055255.exe
    Supprimé

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Infecté par: Trojan.Clicker.AS

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Echec de la désinfection

    C:\System Volume Information\_restore{28227608-7267-4D81-8545-BEF536E5BB90}\RP215\A0055256.dll
    Supprimé

    C:\WINDOWS\aff_0006.exe
    Infecté par: Trojan.Clicker.AS

    C:\WINDOWS\aff_0006.exe
    Echec de la désinfection

    C:\WINDOWS\aff_0006.exe
    Supprimé

    C:\WINDOWS\newpop06.exe
    Infecté par: Trojan.Popuper.BP

    C:\WINDOWS\newpop06.exe
    Echec de la désinfection

    C:\WINDOWS\newpop06.exe
    Supprimé

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Infecté par: Trojan.Downloader.BKK

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Echec de la désinfection

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)=>zlib_nsis0001
    Supprimé

    C:\WINDOWS\YazzleBundle-1264.exe=>(NSIS o)
    Echec de la mise à jour

    et le deuxieme:
    Logfile of HijackThis v1.99.1
    Scan saved at 00:32:25, on 06/12/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Conversions Plus\FORMATM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\SmartAP_K2\iRunMon.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\System32\ElkCtrl.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\s?mbols\w?nspool.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Conversions Plus\MacName.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
    O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O15 - Trusted Zone: *.dollarrevenue.com
    O15 - Trusted Zone: *.mmohsix.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab
    O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    si tu pouvais me dire ce qu'il faut faire ensuite parce que la j'en peu plus
    merci
    0
  14. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    oui,j 'ai vu, je suis passé tout à l'heure, mais pas eu le temps de regarder dans le détail !

    # Désactiver la Restauration du système

    * Cliquez sur le bouton Démarrer.
    * Cliquez avec le bouton droit de la souris sur Poste de travail puis cliquez sur Propriétés.
    * Dans l'onglet Restauration du système, sélectionnez l'option Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs

    ( tu pourras la réactivé à la fin de la manip ! )

    # Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

    R3 - URLSearchHook: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)

    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: (no name) - {11E17B66-94F6-B006-84FF-B56935FCDAC0} - C:\WINDOWS\System32\cmnbwe.dll (file missing)

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
    O4 - HKCU\..\Run: [Bhlxn] C:\WINDOWS\system32\s?mbols\w?nspool.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407

    O15 - Trusted Zone: *.dollarrevenue.com
    O15 - Trusted Zone: *.mmohsix.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

    O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - mk:@MSITStore:C:\DOCUME~1\GRALD~1\LOCALS~1\Temp\winfix.chm::/SystemDoctor2006FreeInstall.cab

    O18 - Protocol: bw+0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    O18 - Protocol: offline-8876480 - {8403635F-DA37-49A0-96D1-B84883090646} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

    ==> Cliques sur :

    demarrer < executer < tapes " services.msc"

    cherches dans la liste cette ligne et regles la sur "desactivé"

    France Telecom Routing Table Service

    ==> cherche et supprime et les fichiers en gras :

    C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
    C:\WINDOWS\system32\s?mbols\w?nspool.exe
    C:\WINDOWS\System32\cmnbwe.dll

    # ensuite, télécharge et execute ces progs :

    *CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
    http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

    tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm

    *Ccleaner : Telecharge et installe ceci, dans la colonne de gauche clique sur "erreurs" coche toute les cases, puis clique en bas sur "chercher des erreurs" une fois finit, clique sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs .

    *Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoche la derniere case (Avancé si elle
    est cochée) puis clique sur "lancer le nettoyage"

    ccleaner

    tuto: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    ensuite, reposte un nouveau hijackthis et precise tes soucis s'il en reste !

    ++

    On peut aussi bâtir quelque chose de beau avec les pierres qui entravent le chemin ( J.W.VON GOETHE
    )
    0
    1. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
       
      re,
      voici le dernier rapport hijackthis:
      Logfile of HijackThis v1.99.1
      Scan saved at 21:36:43, on 06/12/2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\Program Files\Conversions Plus\FORMATM.EXE
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Inventel\Gateway\wlancfg.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\ASUS\Probe\AsusProb.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
      C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
      C:\Program Files\SmartAP_K2\iRunMon.exe
      C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
      C:\WINDOWS\system32\s?mbols\w?nspool.exe
      C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
      C:\Program Files\Conversions Plus\MacName.exe
      C:\Program Files\Google\Google Updater\GoogleUpdater.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Toaster.exe
      C:\PROGRA~1\Wanadoo\Inactivity.exe
      C:\PROGRA~1\Wanadoo\PollingModule.exe
      C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
      C:\Documents and Settings\Gérald\Bureau\hijackthis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
      O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
      O4 - HKLM\..\Run: [MacLicense] "C:\Program Files\Conversions Plus\MacLic.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
      O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
      O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
      O4 - HKLM\..\Run: [iRunMon.exe] C:\Program Files\SmartAP_K2\iRunMon.exe
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
      O4 - Global Startup: MacName.lnk = C:\Program Files\Conversions Plus\MacName.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae2247af126648979ba54ac76d1b9407
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae2247af126648979ba54ac76d1b9407
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
      O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
      O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      O23 - Service: MacFormatService - Unknown owner - C:\Program Files\Conversions Plus\FORMATM.EXE" /SERVICE (file missing)
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

      par contre je ne sais pas s'il reste des soucis, j'ai besoin de tes lumieres pour ca
      A
      +
      0
  15. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
     
    re,
    dis moi comment je fais pour cherchr et surtout supprimer ces fichiers:

    C:\Program Files\Fichiers communs\mc-58-12-0000106.exe
    C:\WINDOWS\system32\s?mbols\w?nspool.exe
    C:\WINDOWS\System32\cmnbwe.dll

    parce ke je n'y arrive pas
    merci
    0
  16. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    bien, pour supprimer ces fichires/dossiers

    tu vas dans :

    demarrer < poste de travail < disque local ( C: )

    ( affiche les fichiers et dossiers cachés, s'ils sont cachés )

    pour le 1er : tu cherches le dossier " Program Files"

    ensuite tu cherche le sous dossier "Fichiers communs" et tu supprime cet executable : mc-58-12-0000106.exe

    pareil pour les autres, en fait, il faut suivre le chemin !

    C:\WINDOWS\system32\s?mbols\w?nspool.exe
    C:\WINDOWS\System32\cmnbwe.dll

    si c'est pas très claire,n'hesite pas à poser tes questions !

    par contre je ne sais pas s'il reste des soucis, j'ai besoin de tes lumieres pour ca

    comment se comporte ton PC ??? ;-))

    ++
    0
    1. marsattak Messages postés 79 Date d'inscription   Statut Membre Dernière intervention  
       
      re,
      j'ai edemaré l'ordi et j'ai eussi a supprimer 2 des 3 fichiers
      par contre le dernier :C:\WINDOWS\System32\cmnbwe.dll
      je ne le trouve pas
      j'ai l'impression que l'ordi fonctionne bien
      merci en tout cas
      je te recontacte si j'ai des soucis
      A+
      0
  17. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    ok! :-)

    installe un parfeu !!

    kerio

    tuto : pour configurer et comprendre Kerio
    https://www.vulgarisation-informatique.com/kerio.php

    avec un peu de lecture au passage :

    https://sebsauvage.net/safehex.html

    securite proteger un ordinateur contre les malwares d internet

    @+

    ;-))

    On peut aussi bâtir quelque chose de beau avec les pierres qui entravent le chemin ( J.W.VON GOETHE
    )
    0