[Virus] Msn + d'autres cochonneries

jeremie -  
 Utilisateur anonyme -
Bonjour,

Je rentre de voyage et j'ai eu la belle surprise de trouver mon PC infecté de plein de petites merdes. Deja une chose est sure, ma soeur m'a dit avoir cliqué sur un lien msn qui a contaminé msn, et qui renvoie ce meme lien a tous ses contatcs connectés. Je repars dans 2 jours, j'aimerais bien laisser mon PC propre, est ce que vous pouvez m'aider s'il vous plait. Je vous met le rapport hijackthis.

Merci d'avance et joyeux noel a tous !!!

Logfile of HijackThis v1.99.1
Scan saved at 12:04:18, on 25/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Documents and Settings\abdel\Bureau\winstall.exe
C:\WINDOWS\System32\nfomon\nfomon.exe
C:\WINDOWS\System32\vidmon\vidmon.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\TribalWeb.net\tribalweb.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\W?nSxS\l?gonui.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\PeDevice\PeDev.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/bOK/fDm80lmsebsmbs7ZFSXkHVjezioRq7WQ61gYmJfGhLGteCrsO1qPcTJ/eOdI.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{38C02~1\888Bar.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{38C02~1\888Bar.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\Run: [netservices] recall.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\abdel\Bureau\winstall.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32\nfomon\nfomon.exe
O4 - HKLM\..\Run: [vidmon] C:\WINDOWS\System32\vidmon\vidmon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [netservices] recall.exe
O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET\nslookup.exe" -vt yazb
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Configuration: Windows XP
Internet Explorer 6.0

11 réponses

  1. Utilisateur anonyme
     
    Bonjour

    Télécharge Combofix.exe (par sUBs) sur ton Bureau
    http://download.bleepingcomputer.com/sUBs/combofix.exe

    Double clique combofix.exe et suis les invites.
    Lorsque le scan sera complété, un rapport apparaîtra.
    Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
    0
    1. jeremie
       
      Merci de te pencher sur la question.

      Voila le rapport combofix

      ComboFix 06.11.27 - Running from: "C:\Documents and Settings\abdel\Bureau"

      (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



      ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

      Folders Quarantined:

      C:\QooBox\Purity\Documents and Settings\abdel\Mes documents\ICROSO~1.NET
      C:\QooBox\Purity\Documents and Settings\abdel\Mes documents\ICROSO~1.NET\?icrosoft.NET
      C:\QooBox\Purity\WINDOWS\system32\RACLE~1
      C:\QooBox\Purity\WINDOWS\system32\WNSXS~1
      C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1
      C:\QooBox\Purity\WINDOWS\system32\WNSXS~1\l?gonui.exe


      ((((((((((((((((((((((((((((((( Files Created from 2006-11-25 to 2006-12-25 ))))))))))))))))))))))))))))))))))


      2006-12-25 13:10 <REP> d-------- C:\Program Files\iTunes
      2006-12-25 13:08 <REP> d-------- C:\Program Files\QuickTime
      2006-12-25 13:06 <REP> d-------- C:\Program Files\Apple Software Update
      2006-12-25 12:56 19,666,504 --a------ C:\Program Files\QuickTimeInstaller.exe
      2006-12-25 12:36 <REP> d-------- C:\WINDOWS\system32\%SystemRoot%
      2006-12-24 18:24 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
      2006-12-24 18:24 274,432 --a------ C:\WINDOWS\system32\imon.dll
      2006-12-24 18:23 <REP> d-------- C:\Program Files\ESET
      2006-12-24 14:12 <REP> d-------- C:\Program Files\PeDevice
      2006-12-21 19:29 58,880 --a------ C:\WINDOWS\system32\nxme.dll
      2006-12-09 11:25 <REP> d--h----- C:\WINDOWS\system32\vidmon
      2006-12-09 11:25 <REP> d--h----- C:\WINDOWS\system32\nfomon
      2006-12-09 11:25 <REP> d--h----- C:\Program Files\Fichiers communs\Uninstall Information
      2006-12-09 11:25 <REP> d--h----- C:\Documents and Settings\All Users.WINDOWS\Application Data\vidmon
      2006-12-09 11:25 <REP> d--h----- C:\Documents and Settings\All Users.WINDOWS\Application Data\nfo
      2006-12-01 21:40 122,880 --a------ C:\Documents and Settings\abdel\winstall.exe


      (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


      2006-12-25 15:35 -------- d-------- C:\Program Files\Fichiers communs
      2006-12-25 13:10 -------- d-------- C:\Program Files\iPod
      2006-12-25 12:39 -------- d--h----- C:\Program Files\InstallShield Installation Information
      2006-12-25 12:04 27925 --a------ C:\Program Files\hijackthis.log
      2006-12-25 11:11 -------- d-------- C:\Program Files\eMule
      2006-12-24 18:53 -------- d-------- C:\Program Files\Spybot - Search & Destroy
      2006-12-24 18:38 -------- d-------- C:\Program Files\Java
      2006-12-21 19:29 -------- d-------- C:\Program Files\Common Files
      2006-12-01 21:37 -------- d-------- C:\Program Files\MSN Messenger
      2006-09-30 16:34 3534076 --a------ C:\Program Files\eMule0.47c-Installer.exe


      (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

      *Note* empty entries are not shown

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
      "Mini-XP"="C:\\Program Files\\Minimizer XP\\Mini-XP.exe"
      "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
      "SuperRam"="\"C:\\Program Files\\SuperRam\\SuperRam.exe\""
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"
      "msnmsgr"="\"C:\\PROGRA~1\\MSNMES~1\\msnmsgr.exe\" /background"
      "Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
      "Creative Detector"="C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe /R"
      "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
      "Aate"="\"C:\\DOCUME~1\\abdel\\MESDOC~1\\ICROSO~1.NET\\nslookup.exe\" -vt yazb"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
      "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
      "OmniPage"="C:\\Program Files\\Caere\\OmniPagePro90\\opware32.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"
      "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
      "Advanced Tools Check"="C:\\PROGRA~1\\NORTON~1\\AdvTools\\ADVCHK.EXE"
      "SSC_UserPrompt"="C:\\Program Files\\Fichiers communs\\Symantec Shared\\Security Center\\UsrPrmpt.exe"
      "MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\""
      "WooCnxMon"="C:\\PROGRA~1\\Wanadoo\\CnxMon.exe"
      "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
      "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
      "Config Loader"=""
      "Registry Loader"=""
      "MS Config Loader"=""
      "Microsoft Office"=""
      "Microsoft Office Start"=""
      "Windows Backup Configuration"=""
      "Microsoft Windows Updater"=""
      "Config Loader2"=""
      "Office Startup"=""
      "Quicktime Pro 3.0"=""
      "Svhost Loader"=""
      "MS Security Hotfix"=""
      "Windows Communicator"=""
      "Config Loader for Microsoft Windows"=""
      "System Loaderav"=""
      "ConfiggLoader"=""
      "Configuration Loader"=""
      "Sound Loader"=""
      "Windows Config Manager"=""
      "Windows Loader"=""
      "Service Controller"=""
      "Ms Task"=""
      "Windows Explorer"=""
      "Mixer"=""
      "System Loaderap"=""
      "Norton Live Updater"=""
      "Windows Update Service"=""
      "Update"=""
      "Configuration Loading"=""
      "MS Config Stream"=""
      "Win Init"=""
      "Windows Startup"=""
      "machine-debugger"=""
      "Windows Media Player"=""
      "WindowsFS"=""
      "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033 -lock"
      "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
      "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\TaskbarIcon.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "netservices"="recall.exe"
      "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
      "LogitechGalleryRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
      "LVCOMSX"="C:\\WINDOWS\\System32\\LVCOMSX.EXE"
      "Pando"="\"C:\\Program Files\\Pando Networks\\Pando\\Pando.exe\" /Automation"
      @=""
      "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
      "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
      "Logitech Utility"="Logi_MwX.Exe"
      "MMTray"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe"
      "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
      "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
      "Nfo"="C:\\WINDOWS\\System32\\nfomon\\nfomon.exe"
      "vidmon"="C:\\WINDOWS\\System32\\vidmon\\vidmon.exe"
      "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
      "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
      "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
      "WinMsg"="%SystemRoot%\\winmsgr.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
      "Installed"="1"
      "NoChange"="1"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
      "netservices"="recall.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"
      "Config Loader"=""
      "Registry Loader"=""
      "MS Config Loader"=""
      "Microsoft Office"=""
      "Microsoft Office Start"=""
      "Windows Update"=""
      "Windows Backup Configuration"=""
      "Microsoft Windows Updater"=""
      "Config Loader2"=""
      "Office Startup"=""
      "Quicktime Pro 3.0"=""
      "Svhost Loader"=""
      "MS Security Hotfix"=""
      "Windows Communicator"=""
      "Config Loader for Microsoft Windows"=""
      "System Loaderav"=""
      "ConfiggLoader"=""
      "Sound Loader"=""
      "Windows Config Manager"=""
      "Windows Loader"=""
      "Service Controller"=""
      "Ms Task"=""
      "Mixer"=""
      "System Loaderap"=""
      "Norton Live Updater"=""
      "Windows Update Service"=""
      "Update"=""
      "Configuration Loading"=""
      "MS Config Stream"=""
      "Win Init"=""
      "Windows Startup"=""
      "Windows Media Player"=""
      "WindowsFS"=""

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
      "DeskHtmlVersion"=dword:00000110
      "DeskHtmlMinorVersion"=dword:00000005
      "Settings"=dword:00000001
      "GeneralFlags"=dword:00000001

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
      "Source"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg"
      "SubscribedURL"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg"
      "FriendlyName"=""
      "Flags"=dword:00002001
      "Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,e8,\
      03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:01,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
      00,00,01,00,00,00
      "RestoredStateInfo"=hex:dc,ff,ce,03,20,65,ea,77,60,26,e4,77,ff,ff,ff,ff,32,bb,\
      e6,77,32,bb,e6,77

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
      "Source"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
      "SubscribedURL"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
      "FriendlyName"=""
      "Flags"=dword:00002001
      "Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ea,\
      03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:01,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
      00,00,01,00,00,00
      "RestoredStateInfo"=hex:dc,ff,00,04,20,65,ea,77,60,26,e4,77,ff,ff,ff,ff,32,bb,\
      e6,77,32,bb,e6,77

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
      "Source"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image002.gif"
      "SubscribedURL"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image002.gif"
      "FriendlyName"=""
      "Flags"=dword:00002001
      "Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ec,\
      03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:01,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
      00,00,01,00,00,00
      "RestoredStateInfo"=hex:dc,ff,10,04,20,65,ea,77,60,26,e4,77,ff,ff,ff,ff,32,bb,\
      e6,77,32,bb,e6,77

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\3]
      "Source"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image004.gif"
      "SubscribedURL"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image004.gif"
      "FriendlyName"=""
      "Flags"=dword:00002001
      "Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ee,\
      03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:01,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
      00,00,01,00,00,00
      "RestoredStateInfo"=hex:dc,ff,1b,04,20,65,ea,77,60,26,e4,77,ff,ff,ff,ff,32,bb,\
      e6,77,32,bb,e6,77

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\4]
      "Source"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image001.gif"
      "SubscribedURL"="file:///C:/DOCUME~1/abdel/LOCALS~1/Temp/msohtml1/01/clip_image001.gif"
      "FriendlyName"=""
      "Flags"=dword:00002001
      "Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,f0,\
      03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:01,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
      00,00,01,00,00,00
      "RestoredStateInfo"=hex:dc,ff,bb,04,20,65,ea,77,60,26,e4,77,ff,ff,ff,ff,32,bb,\
      e6,77,32,bb,e6,77

      [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\5]
      "Source"="About:Home"
      "SubscribedURL"="About:Home"
      "FriendlyName"="Ma page d'accueil"
      "Flags"=dword:00000002
      "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,00,00,00,\
      00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:04,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
      00,00,04,00,00,40
      "RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
      00,00,01,00,00,00

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
      "netservices"="recall.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"
      "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
      "netservices"="recall.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"

      [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
      "netservices"="recall.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"
      "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

      [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
      "netservices"="recall.exe"
      "Windows Registry Cleaner"="winclean.exe"
      "Microsoft Secure Messenger.NET Service"="securitychk.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
      "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
      "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "NoDriveTypeAutoRun"=dword:00000000

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "dontdisplaylastusername"=dword:00000000
      "legalnoticecaption"=""
      "legalnoticetext"=""
      "shutdownwithoutlogon"=dword:00000001
      "undockwithoutlogon"=dword:00000001

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
      "NoDriveTypeAutoRun"=dword:00000091

      [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
      "NoDriveTypeAutoRun"=dword:00000091

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
      "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
      "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
      "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
      "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
      "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


      Contents of the 'Scheduled Tasks' folder
      C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
      C:\WINDOWS\tasks\Symantec NetDetect.job

      Completion time: 06-12-25 16:16:40.42
      C:\ComboFix.txt ... 06-12-25 16:16
      C:\ComboFix2.txt ... 06-12-25 15:35
      C:\ComboFix3.txt ... 06-12-25 14:58

      ************************************************************************************************************************************************************************************************************************

      Et voila le hijackthis:

      Logfile of HijackThis v1.99.1
      Scan saved at 16:19:11, on 25/12/2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
      C:\WINDOWS\System32\CTsvcCDA.EXE
      C:\WINDOWS\system32\crypserv.exe
      C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Caere\OmniPagePro90\opware32.exe
      C:\WINDOWS\system32\ntvdm.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Messenger Plus! 3\MsgPlus.exe
      C:\PROGRA~1\Wanadoo\CnxMon.exe
      C:\Program Files\D-Tools\daemon.exe
      C:\Program Files\Winamp\winampa.exe
      C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      C:\Program Files\Logitech\iTouch\iTouch.exe
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Pando Networks\Pando\Pando.exe
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
      C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Documents and Settings\abdel\Bureau\winstall.exe
      C:\WINDOWS\System32\nfomon\nfomon.exe
      C:\WINDOWS\System32\vidmon\vidmon.exe
      C:\Program Files\Eset\nod32kui.exe
      C:\Program Files\Logitech\MouseWare\system\em_exec.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
      C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
      C:\Program Files\TribalWeb.net\tribalweb.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\WINDOWS\system32\W?nSxS\l?gonui.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\SAVScan.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\PeDevice\PeDev.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/bOK/fDm80lmsebsmbs7ZFSXkHVjezioRq7WQ61gYmJfGhLGteCrsO1qPcTJ/eOdI.php
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
      R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
      O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
      O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
      O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
      O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
      O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
      O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
      O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
      O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
      O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
      O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
      O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
      O4 - HKLM\..\Run: [netservices] recall.exe
      O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
      O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32\nfomon\nfomon.exe
      O4 - HKLM\..\Run: [vidmon] C:\WINDOWS\System32\vidmon\vidmon.exe
      O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [WinMsg] %SystemRoot%\winmsgr.exe
      O4 - HKLM\..\RunServices: [netservices] recall.exe
      O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
      O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
      O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
      O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
      O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET\nslookup.exe" -vt yazb
      O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
      O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/int_ver40v.CAB
      O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
      O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
      O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
      O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
      O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
      O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
      O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - AppInit_DLLs: MsgPlusLoader.dll
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
      O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

      ENCORE MERCI
      @+
      0
  2. Utilisateur anonyme
     
    Re

    Du ménage vient d'être fait.
    Mais il en reste encore beaucoup.

    $$ Télécharge
    SDFix sur ton bureau
    http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

    clean.zip
    http://www.malekal.com/download/clean.zip
    Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

    $$ Redémarre en mode sans échec.

    $$ Ouvre le dossier Clean qui se trouve sur ton bureau, et double-clic sur clean.cmd.
    Une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

    $$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
    Double-clique sur RunThis.bat
    Tape Y pour lancer le script.
    Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
    Presse une touche pour redémarrer
    Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

    Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec le rapport qui se trouve ici C:\rapport_clean.txt et un nouveau HijackThis.
    0
  3. jeremie
     
    Bon j'ai pas réussi a utiliser SDFix. Qd je lançais le runthis.bat, il me demandait de dezipper 3 fichiers dans C:\windows\system32 et de relancer le script. Ce que je faisais, malgré ça, après la 2ème relance il me le redemandait encore et encore...

    sinon voilà le rapport_clean:

    Script clean par Malekal_morte - http://www.malekal.com

    Microsoft Windows XP [version 5.1.2600]
    Script execute en mode sans echec

    *** Suppression de fichiers sur C:
    C:\StubInstaller.exe FOUND

    *** Suppression des fichiers dans %SystemRoot%\
    C:\WINDOWS\bsx32\ FOUND

    *** Suppression des fichiers dans %SystemRoot%\system32
    C:\WINDOWS\system32\setup_?????.exe FOUND
    C:\WINDOWS\system32\vidmon\vidmon.exe FOUND
    "C:\WINDOWS\Downloaded Program Files\*_*_*NetInstaller.exe" FOUND
    "C:\WINDOWS\Downloaded Program Files\speedtest2.dll" FOUND
    "C:\Documents and Settings\abdel\Bureau\winstall.exe" FOUND
    "C:\Documents and Settings\abdel\winstall.exe" FOUND

    "C:\Program Files\Common Files\WNSXS~1\" FOUND
    "C:\Program Files\MSN Messenger\msrr.exe" FOUND
    "C:\Program Files\PeDevice\" FOUND

    *** Suppression des clefs du registre effectuee..

    ********************************************************

    Et le hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 20:18:55, on 25/12/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\system32\crypserv.exe
    C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Caere\OmniPagePro90\opware32.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Winamp\winampa.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Pando Networks\Pando\Pando.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\nfomon\nfomon.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\TribalWeb.net\tribalweb.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/bOK/fDm80lmsebsmbs7ZFSXkHVjezioRq7WQ61gYmJfGhLGteCrsO1qPcTJ/eOdI.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
    O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
    O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
    O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
    O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
    O4 - HKLM\..\Run: [netservices] recall.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32\nfomon\nfomon.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WinMsg] %SystemRoot%\winmsgr.exe
    O4 - HKLM\..\RunServices: [netservices] recall.exe
    O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
    O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
    O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET\nslookup.exe" -vt yazb
    O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/int_ver40v.CAB
    O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
    O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
    O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} - http://activex.matcash.com/speedtest2.dll
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
    O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    MERCI
    0
  4. Utilisateur anonyme
     
    Re

    On continue.

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer


    1 Télécharge
    CCleaner.

    http://www.filehippo.com/download_ccleaner.html
    Installe le dans un répertoire dédié.

    AVG Anti-Spyware
    https://www.avg.com/en-ww/free-antivirus-download
    Tu l'installes.
    Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

    2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
    Démarre l'ordinateur.
    Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
    En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

    3 Relance un scan HijackThis et coche les lignes ci-dessous :

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
    R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
    O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
    O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
    O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
    O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32\nxme.dll
    O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
    O4 - HKLM\..\Run: [netservices] recall.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32\nfomon\nfomon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinMsg] %SystemRoot%\winmsgr.exe
    O4 - HKLM\..\RunServices: [netservices] recall.exe
    O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
    O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET\nslookup.exe" -vt yazb
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/int_ver40v.CAB
    O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
    O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
    O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} - http://activex.matcash.com/speedtest2.dll
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

    4 Assure toi d'avoir accés à tous les fichiers.
    Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
    Activer la case : Afficher les fichiers et dossiers cachés
    Désactiver la case : Masquer les extensions des fichiers dont le type est connu
    Désactiver la case : Masquer les fichiers protégés du système d'exploitation
    Puis Appliquer

    5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

    C:\Documents and Settings\abdel\Mes documents\ICROSO~1.NET
    C:\WINDOWS\System32\nfomon
    C:\WINDOWS\System32\nxme.dll
    securitychk.exe
    winclean.exe
    recall.exe
    winmsgr.exe

    Pour ces derniers, probablement dans C:\WINDOWS\System32, C:\WINDOWS ou C:\

    Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

    6 Lance le nettoyage avec CCleaner

    7 Lance AVG Anti-Spyware
    Clique sur le bouton Analyse (de la barre d'outils)
    Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
    Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
    A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
    Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

    8 Redémarre normalement

    Poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Jeremie
     
    Ok j'ai fait ce que tu m'as dit. Voila le rapport AVG Anti-spyware

    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 12:55:19 26/12/2006

    + Résultat de l'analyse:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bargain Buddy -> Adware.BargainBuddy : Nettoyé et sauvegardé (mise en quarantaine).
    HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Fichiers communs\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/RemoveWebDP.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfo.ocx -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfom.dll -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfomon.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199995.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\nfomon\nfo.ocx -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\nfomon\nfomon.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
    HKLM\SOFTWARE\Classes\CLSID\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196329.exe -> Adware.Maxifiles : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\backups\backup-20061226-095033-192.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196271.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196291.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196414.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP950\A0196555.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199996.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199997.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0201016.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196276.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196278.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196365.dll -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199246.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199289.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199291.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199293.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199295.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP14\A0000861.exe -> Backdoor.Agobot : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP18\A0002339.exe -> Backdoor.Agobot : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196296.rbf -> Backdoor.MSNMaker.ab : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196270.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196292.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0197208.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196333.EXE -> Downloader.PurityScan.dy : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\MsgPlus-252.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{A173D176-77CA-4110-8485-E3078F59BF84}\RP48\A0117549.exe -> Downloader.Swizzor.ck : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP954\A0196661.exe -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP955\A0197159.EXE -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\in10b6s.dlltmp -> Dropper.Small.abe : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196275.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196277.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199288.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199290.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199292.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199294.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL.rar/PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE + SP6\Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL.rar/PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE\PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6.zip/Protel 99 SE + ServicePack 6/Crack/Protel 99 SE + SP6/Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6.zip/Protel 99 SE + ServicePack 6/Crack/Protel 99 SE/PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE + SP6\Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE\PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Documents and Settings\Abdellah\Cookies\abdellah@ilead.itrack[2].txt -> TrackingCookie.Itrack : Nettoyé.
    C:\Documents and Settings\Abdellah\Cookies\abdellah@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196273.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196290.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196416.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP950\A0196556.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP952\A0196617.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0197207.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196272.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196325.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196327.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196331.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196334.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196367.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).

    Fin du rapport

    ************************************************************************************************************

    Et voila le nouveau hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 13:04:26, on 26/12/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\system32\crypserv.exe
    C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Caere\OmniPagePro90\opware32.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Pando Networks\Pando\Pando.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\TribalWeb.net\tribalweb.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net\tribalweb.exe
    O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    0
  7. jeremie
     
    ok je vais en supprimer un.
    Voilà le rapport Kaspersky, il m'a trouvé un paquet de virus...

    -------------------------------------------------------------------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Wednesday, December 27, 2006 12:43:25 PM
    Système d'exploitation : Microsoft Windows XP Professional, (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 27/12/2006
    Enregistrements dans la base antivirus Kaspersky : 240194
    -------------------------------------------------------------------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: standard
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    A:\
    C:\
    D:\
    F:\
    L:\

    Statistiques de l'analyse:
    Total d'objets analysés: 113680
    Nombre de virus trouvés: 51
    Nombre d'objets infectés: 195 / 0
    Nombre d'objets suspects: 2
    Durée de l'analyse: 02:48:18

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\bd79b06ac59a775156ac0b765423\sp1\update\kb823980.cat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Application Data\Azureus\ipfilter.cache L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\cert\cert8.db L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\cert\key3.db L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\pando.log L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Historique\History.IE5\MSHist012006122720061228\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Temp\hsperfdata_abdel\3220 L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Temp\mpl3AD.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Temp\Perflib_Perfdata_10c.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Temp\~DF5080.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\abdel\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24aeb104470ffbd69ad47a1f3c52f12d_268ea376-fff5-42bb-91fa-daa497194321 L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\511a0f3f9e960fa97de3d0b74adfc574_268ea376-fff5-42bb-91fa-daa497194321 L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec\Common Client\settings.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\ESET\cache\CACHE.NDB L'objet est verrouillé ignoré
    C:\Program Files\ESET\infected\2KZ1M3DA.NQF Infecté : Trojan-Downloader.Win32.VB.ft ignoré
    C:\Program Files\ESET\infected\EAHNYQCA.NQF Infecté : Trojan-Downloader.Win32.PurityScan.co ignoré
    C:\Program Files\ESET\infected\ECT2SXDA.NQF Infecté : Trojan-Downloader.Win32.PurityScan.co ignoré
    C:\Program Files\ESET\infected\MQRU1FCA.NQF Infecté : Trojan-Downloader.Win32.PurityScan.co ignoré
    C:\Program Files\ESET\infected\RYCG2ICA.NQF Infecté : Trojan-Downloader.Win32.VB.ft ignoré
    C:\Program Files\ESET\infected\VN0IYFCA.NQF Infecté : Trojan-Downloader.Win32.VB.ft ignoré
    C:\Program Files\ESET\logs\virlog.dat L'objet est verrouillé ignoré
    C:\Program Files\ESET\logs\warnlog.dat L'objet est verrouillé ignoré
    C:\Program Files\Norton AntiVirus\AVApp.log L'objet est verrouillé ignoré
    C:\Program Files\Norton AntiVirus\AVError.log L'objet est verrouillé ignoré
    C:\Program Files\Norton AntiVirus\AVVirus.log L'objet est verrouillé ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\035A18A9.tmp Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\03EE187D.tmp Infecté : Backdoor.Win32.Wootbot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\05267DB5.class Infecté : Trojan-Dropper.Java.Small.d ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\056D3207.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\059753D9.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\05C51FA6.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\06001366.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\064B5913.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\066B7CEF.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0AB16B1A.tmp Infecté : Backdoor.Win32.Wootbot.j ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0B4D681E.tmp Infecté : Backdoor.Win32.Jeemp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0BAA65F8.dll Infecté : Backdoor.Win32.Afcore.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0BAA65F8.exe Infecté : Backdoor.Win32.Wootbot.u ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0BAD0FF5.dll Infecté : Backdoor.Win32.Afcore.as ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0C0B0916.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0C441B50.exe Infecté : Backdoor.Win32.Wootbot.j ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0C47454C.exe Infecté : Backdoor.Win32.Wootbot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0E0A2992.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0E7B51AF Infecté : Trojan-Downloader.Win32.Small.amr ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0ED6338B.htm Suspect : Exploit.HTML.Mht ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\0FC906B8 Infecté : Trojan-Downloader.Win32.IstBar.aj ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\139A769C.exe Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\13BE08D3 Infecté : Trojan-Dropper.Win32.Small.ht ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\13C7350B.exe Infecté : Backdoor.Win32.Apdoor.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\148E3630 Infecté : Trojan.JS.StartPage.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\14AB3AA8 Infecté : Trojan-Downloader.Win32.Swizzor.ca ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\14AD1A02 Infecté : Trojan-Downloader.Win32.Small.id ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\14E379D2 Infecté : Trojan.JS.StartPage.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\15A17D02.exe Infecté : Trojan-Downloader.Win32.Brok ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\17185965 Infecté : Backdoor.Win32.Jeemp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\18347DA7.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\18CF3FE5.tmp Infecté : Backdoor.Win32.Wootbot.u ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\18D369E1.tmp Infecté : Trojan-Downloader.Win32.Brok ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\19191930.exe Infecté : Backdoor.Win32.Jeemp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\19D04867 Infecté : Backdoor.Win32.Apdoor.g ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\1A4C03DF Infecté : Trojan-Downloader.VBS.Wipup ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\1ADE5ACF Infecté : Trojan-Downloader.Win32.IstBar.er ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\1C4A199F.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\1E256FF4.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\203D5600 Infecté : Trojan-Downloader.Win32.IstBar.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\21A825C5 Infecté : Trojan-Downloader.Win32.Small.id ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\21AB4FC1 Infecté : Trojan-Downloader.Win32.Small.id ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\21B223BA Infecté : Trojan-Downloader.Win32.Esepor.m ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2363130F.tmp Suspect : Exploit.HTML.Mht ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\23E6027E.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\23F11D66 Infecté : Trojan-Downloader.Win32.IstBar.aj ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\23F8715F Infecté : Trojan-Downloader.Win32.Small.id ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\23FB1B5C Infecté : Trojan-Downloader.Win32.IstBar.ag ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\23FE4558 Infecté : Backdoor.Win32.Prosiak.070 ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24026F54 Infecté : Trojan-Downloader.Win32.Esepor.x ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24051951 Infecté : Trojan-Downloader.Win32.Esepor.i ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\240A5057.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2431482C.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24551604.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\248037D5.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24844CE2.EXE Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24B12D9F.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\24DE796D.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\25406501.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2557537E.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\25A25095.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\25DD4455.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2611641B.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\264F01D7.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\26874B9A.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\26DF3939.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\27347CDB.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\27A31061.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\27F85404.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\28536B9F.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\28AB593E.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\28F374EF.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\29450E95.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\29B4221B.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\29F97EE0.EXE Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2A265F9D.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2AC014F4.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2B2B7E7E.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2BA165FC.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2BC75E59.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2BCE11FF Infecté : Trojan-Downloader.Win32.Agent.ae ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2C13237F.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2C7F0D08.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2CDE4EA0.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2D403A34.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2DA879C1.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2E285F35.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2E8A4AC9.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2EE73387.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2F09303D.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\2F8F69AA.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\30281F01.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\307364AE.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3094088A.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\30EC7629.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\31136DFE.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3179038F.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\31E1431C.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\324743BD.EXE Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3260288F.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\32F65B10.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\32F733EA.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\33866B4C.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\33977775.tmp Infecté : Backdoor.Win32.Jeemp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\34471878.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\354667F2.tmp Infecté : Trojan-Downloader.Win32.Small.us ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\35C872D0.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\36517D15 Infecté : Trojan-Downloader.Win32.Esepor.ab ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\36834C03.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\375E4F9D Infecté : Trojan-DDoS.Win32.UdoDos.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\37A23AC7.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\38AE2DA0.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\38EF799D.tmp Infecté : Backdoor.Win32.Wootbot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\39B9207A.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\39F82946.SPL Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3AD3141F.exe Infecté : Virus.Win32.Tenga.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3B5B1EAE.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3B646D38.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3B786923.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3B8B650D.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3CD453EB.exe Infecté : Virus.Win32.Tenga.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3CF41EEC.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3D320EF2 Infecté : Trojan.Win32.Favadd.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3D975239.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3E1D0BA5.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3EA34512.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3F49225B.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3F613EDD.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3F741676 Infecté : Trojan-Downloader.Win32.Small.us ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3FA73488.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\3FD82A52.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\403A15E6.exe Infecté : Backdoor.Win32.SdBot.xm ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\413D19F8.tmp Infecté : Trojan-Downloader.Win32.Brok ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\415E5E11.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\43F42937.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\446E5920 Infecté : Trojan-Downloader.Win32.Esepor.m ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\44A45021.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\44DE0ED9 Infecté : Trojan-Downloader.Win32.Esepor.d ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\45176E2E.tmp Infecté : Trojan-Downloader.VBS.Wipup ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\47804150.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\4C675FEF.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\4EE53C02 Infecté : Trojan-Downloader.Win32.IstBar.er ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5079491A.tmp Infecté : Trojan-Downloader.Win32.Brok ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\50B90348.tmp Infecté : Trojan.JS.StartPage.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\545C53E5.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58A42CD0.tmp Infecté : Backdoor.Win32.Wootbot.u ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58A756CD.tmp Infecté : Trojan-Downloader.Win32.Brok ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58B728BB.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58BA52B7.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58C126B0.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58C450AD.tmp Infecté : Trojan.Win32.Favadd.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58CE4EA2.tmp Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58D1789E.tmp Infecté : Trojan-Downloader.BAT.Ftp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\58D5229B.tmp Infecté : Exploit.HTML.CodeBaseExec ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\59682719 Infecté : Trojan.Win32.Dialer.bh ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\598553AC Infecté : Trojan-Downloader.BAT.Ftp.c ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5A757801 Infecté : Trojan-Downloader.Win32.Esepor.m ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5B0B03CF.exe Infecté : Backdoor.Win32.Agobot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5B723CF8.exe Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5BCA31A3.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\5D0E4A10.exe Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\62B44C70.exe Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\63255988.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\63AC25FA.tmp Infecté : Backdoor.Win32.SdBot.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\63EE4DF4.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\64B25437.htm Infecté : Exploit.HTML.CodeBaseExec ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\64F86317 Infecté : Trojan-Downloader.Win32.IstBar.ag ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\660533FF Infecté : Trojan-Clicker.Win32.Small.an ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\677A5E97 Infecté : Trojan-Downloader.Win32.Swizzor.ca ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\67F638DC Infecté : Trojan-Downloader.Win32.IstBar.gen ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6ABD2F8E Infecté : Backdoor.Win32.Prosiak.070 ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6B73797C/data0001 Infecté : Trojan-Downloader.NSIS.Agent.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6B73797C NSIS: infecté - 1 ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6B73797C CryptFF: infecté - 1 ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6CEF5F78.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6EE44DD5 Infecté : Trojan.Win32.Dialer.bh ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\6F7E09F2.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\70891F16 Infecté : Trojan-Downloader.Win32.Esepor.j ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\71966FFE Infecté : Trojan-Downloader.Win32.Esepor.h ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\72A733A6 Infecté : Trojan-Clicker.Win32.Small.an ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\74A27B3D.tmp Infecté : Trojan.JS.StartPage.a ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\75EC722B.tmp Infecté : Backdoor.Win32.Agobot.nq ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\75FA648C Infecté : Trojan-Downloader.Win32.Small.fv ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\780B416A.htm Infecté : Exploit.HTML.IframeBof ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\780F6B66.txt Infecté : Trojan-Downloader.Win32.Agent.ki ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7B743BF9.tmp Infecté : Backdoor.Win32.Wootbot.j ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7C047D12.class Infecté : Exploit.Java.ByteVerify ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7C195B15 Infecté : Trojan-Downloader.Win32.Esepor.u ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7C6368C1 Infecté : Trojan-Downloader.Win32.Esepor.x ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7DB3479F Infecté : Trojan-Downloader.Win32.Agent.ae ignoré
    C:\Program Files\Norton AntiVirus\Quarantine\7F1630D9 Infecté : Trojan-Downloader.Win32.Swizzor.cw ignoré
    C:\Program Files\Yahoo!\Messenger\ypager.log L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP3\A0000560.exe L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP3\A0000561.dll L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP958\change.log L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 101 - The Target [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 102 - The Detail [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 103 - The Buys [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 104 - Old Cases [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 105 - The Pager [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 106 - The Wire [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 107 - One Arrest [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 108 - Lessons [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 109 - Game Day [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 110 - The Cost [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 111 - The Hunt [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 112 - Cleaning Up [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 1 complete\The Wire - 113 - Sentencing [FuckGov].mkv L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 201 - Ebb Tide [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 202 - Collateral Damage [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 203 - Hot Shots [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 204 - Hard Cases [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 205 - Undertow [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 206 - All Prologue [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 207 - Backwash [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 208 - Duck and Cover [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 209 - Stray Rounds [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 210 - Storm Warnings [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 211 - Bad Dreams [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 2 complete\The Wire - 212 - Port in a Storm [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e01 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e02 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e03 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e04 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e05 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e06 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e07 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e08 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e09 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e10 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e11 [FuckGov].avi L'objet est verrouillé ignoré
    C:\video\SERIES\The Wire - season 3 complete\the.wire.s03e12 [FuckGov].avi L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\esnecil.ind L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    Analyse terminée.

    MERCI A+
    0
  8. Utilisateur anonyme
     
    Bonjour

    Les fichiers infectés sont dans les quarantaines de tes antivirus.

    Supprime un des antivirus et vide la quarantaine de l'autre.

    As tu encore des dysfonctionnements ?
    0
  9. jeremie
     
    Ah ok pas de problèmes alors...à priori tout va bien maintenant...
    Merci pour ton aide.
    Sinon tu conseillerais quoi comme anti-virus? D'autres soft à lancer régulèrement? En gros, que faire pour minimiser les risques de choper des virus?
    MERCI
    0
  10. Utilisateur anonyme
     
    Re

    Pour mieux sécuriser ton PC

    https://forum.pcastuces.com/default.asp
    0
    1. superjoblo
       
      Allo Chercherchis,

      tu sembles un super informaticien !

      J'ai un trouble très particulier avec Msn ... personne ne peut m'aider ... peut-être tu le pourras !

      j'ai fouillé sur les Forums mais aucune réponse.

      Le problème est que je suis plutôt nul en informatique !

      tu acceptes le défi ?
      0
  11. Utilisateur anonyme
     
    Bonjour

    Poste déja un rapport HijackThis
    http://pchelpbordeaux.free.fr/logiciels.html
    Tutorial
    http://pchelpbordeaux.free.fr/tuto.html
    Démo en image
    http://pageperso.aol.fr/balltrap34/demohijack.htm
    0