[Virus] Msn + d'autres cochonneries

Question

Bonjour,

Je rentre de voyage et j'ai eu la belle surprise de trouver mon PC infecté de plein de petites merdes. Deja une chose est sure, ma soeur m'a dit avoir cliqué sur un lien msn qui a contaminé msn, et qui renvoie ce meme lien a tous ses contatcs connectés. Je repars dans 2 jours, j'aimerais bien laisser mon PC propre, est ce que vous pouvez m'aider s'il vous plait. Je vous met le rapport hijackthis.

Merci d'avance et joyeux noel a tous !!!

Logfile of HijackThis v1.99.1
Scan saved at 12:04:18, on 25/12/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset
od32krn.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Documents and Settings\abdel\Bureau\winstall.exe
C:\WINDOWS\System32
fomon
fomon.exe
C:\WINDOWS\System32\vidmon\vidmon.exe
C:\Program Files\Eset
od32kui.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\TribalWeb.net	ribalweb.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\W?nSxS\l?gonui.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\PeDevice\PeDev.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/bOK/fDm80lmsebsmbs7ZFSXkHVjezioRq7WQ61gYmJfGhLGteCrsO1qPcTJ/eOdI.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{38C02~1\888Bar.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll
O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{38C02~1\888Bar.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\Run: [netservices] recall.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\abdel\Bureau\winstall.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32
fomon
fomon.exe
O4 - HKLM\..\Run: [vidmon] C:\WINDOWS\System32\vidmon\vidmon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
od32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunServices: [netservices] recall.exe
O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET
slookup.exe" -vt yazb
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net	ribalweb.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Utilisateur anonyme · Answer

Bonjour

Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/combofix.exe 

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra. 
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.

Utilisateur anonyme · Answer

Re

Du ménage vient d'être fait.
Mais il en reste encore beaucoup.


$$ Télécharge 
SDFix sur ton bureau 
http://downloads.andymanchesta.com/RemovalTools/SDFix.zip 

clean.zip 
http://www.malekal.com/download/clean.zip 
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean. 


$$ Redémarre en mode sans échec. 


$$ Ouvre le dossier Clean qui se trouve sur ton bureau, et double-clic sur clean.cmd. 
Une fenêtre noire va apparaître pendant un instant, laisse la ouverte. 


$$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout" 
Double-clique sur RunThis.bat 
Tape Y pour lancer le script. 
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire 
Presse une touche pour redémarrer 
Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche 


Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec le rapport qui se trouve ici C:\rapport_clean.txt et un nouveau HijackThis.

jeremie · Answer

Bon j'ai pas réussi a utiliser SDFix. Qd je lançais le runthis.bat, il me demandait de dezipper 3 fichiers dans C:\windows\system32 et de relancer le script. Ce que je faisais, malgré ça, après la 2ème relance il me le redemandait encore et encore...

sinon voilà le rapport_clean:

Script clean par Malekal_morte - http://www.malekal.com 

Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec 
 
*** Suppression de fichiers sur C: 
C:\StubInstaller.exe FOUND 
 
*** Suppression des fichiers dans %SystemRoot%\ 
C:\WINDOWS\bsx32\ FOUND 
 
*** Suppression des fichiers dans %SystemRoot%\system32 
C:\WINDOWS\system32\setup_?????.exe FOUND 
C:\WINDOWS\system32\vidmon\vidmon.exe FOUND 
"C:\WINDOWS\Downloaded Program Files\*_*_*NetInstaller.exe" FOUND 
"C:\WINDOWS\Downloaded Program Files\speedtest2.dll" FOUND 
"C:\Documents and Settings\abdel\Bureau\winstall.exe" FOUND 
"C:\Documents and Settings\abdel\winstall.exe" FOUND 
 
"C:\Program Files\Common Files\WNSXS~1\" FOUND 
"C:\Program Files\MSN Messenger\msrr.exe" FOUND 
"C:\Program Files\PeDevice\" FOUND 
 
*** Suppression des clefs du registre effectuee.. 


********************************************************

Et le hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 20:18:55, on 25/12/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset
od32krn.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\System32
fomon
fomon.exe
C:\Program Files\Eset
od32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\TribalWeb.net	ribalweb.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/bOK/fDm80lmsebsmbs7ZFSXkHVjezioRq7WQ61gYmJfGhLGteCrsO1qPcTJ/eOdI.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing)
O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\Run: [netservices] recall.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32
fomon
fomon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
od32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinMsg] %SystemRoot%\winmsgr.exe
O4 - HKLM\..\RunServices: [netservices] recall.exe
O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe
O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET
slookup.exe" -vt yazb
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net	ribalweb.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/int_ver40v.CAB
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe



MERCI

Utilisateur anonyme · Answer

Re

On continue.

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les  manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer

1 Télécharge 
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente


2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows. 
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.


3 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ljcvhmditoawantsanh.biz/ 
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank 
R3 - URLSearchHook: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll 
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) 
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll 
O2 - BHO: imagxjg - {07E40AEF-BCFF-034B-CFC5-10759802C07E} - C:\WINDOWS\System32\imagxjg.dll (file missing) 
O2 - BHO: (no name) - {0B6672D8-1239-C678-7E9D-04FCC22A3796} - C:\WINDOWS\Ojtnlsgh.dll (file missing) 
O2 - BHO: wiavidez - {3DE03E9C-A97A-7425-3390-8AB0682AFB1C} - C:\WINDOWS\System32\wiavidez.dll (file missing) 
O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file) 
O2 - BHO: (no name) - {FAACC258-20BD-5F41-9F18-03E52A1811E6} - C:\WINDOWS\System32
xme.dll 
O3 - Toolbar: Search - {6C66E3D2-EB3E-4900-D437-7EDA0D2EBC89} - C:\WINDOWS\Ojtnlsgh.dll (file missing) 
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx 
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe 
O4 - HKLM\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe 
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe 
O4 - HKLM\..\Run: [Windows Registry Cleaner] winclean.exe 
O4 - HKLM\..\Run: [netservices] recall.exe 
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot 
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\System32
fomon
fomon.exe 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [WinMsg] %SystemRoot%\winmsgr.exe 
O4 - HKLM\..\RunServices: [netservices] recall.exe 
O4 - HKLM\..\RunServices: [Windows Registry Cleaner] winclean.exe 
O4 - HKLM\..\RunServices: [Microsoft Secure Messenger.NET Service] securitychk.exe 
O4 - HKCU\..\Run: [Microsoft Secure Messenger.NET Service] securitychk.exe 
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot 
O4 - HKCU\..\Run: [Aate] "C:\DOCUME~1\abdel\MESDOC~1\ICROSO~1.NET
slookup.exe" -vt yazb 
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe 
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll 
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll 
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU) 
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab 
O16 - DPF: {16BED5D9-AA6B-4A96-A134-C1958893490F} (VacPro.int_ver40v) - http://advnt01.com/dialer/int_ver40v.CAB 
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab 
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab 
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab 
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/ 
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_6fr.cab 
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab 
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab 
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite 
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab 
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab 
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab 
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab 
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} - http://activex.matcash.com/speedtest2.dll 
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec.com/techsupp/activedata/ActiveData.cab 
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab 
O18 - Protocol: bw+0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw+0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw-0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw00s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw10s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw20s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw30s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw40s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw50s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw60s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw70s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw80s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bw90s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwa0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwb0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwc0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwd0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwe0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwf0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll 
O18 - Protocol: bwg0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwg0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwh0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwi0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwj0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwk0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwl0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwm0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwn0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwo0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwp0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwq0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwr0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bws0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwt0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwu0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwv0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bww0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwx0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwy0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: bwz0s - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: offline-8876480 - {01FB1C66-14C6-44F1-BB5B-FF6538080F02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer


5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Documents and Settings\abdel\Mes documents\ICROSO~1.NET 
C:\WINDOWS\System32
fomon
C:\WINDOWS\System32
xme.dll 
securitychk.exe 
winclean.exe 
recall.exe 
winmsgr.exe 
Pour ces derniers, probablement dans C:\WINDOWS\System32, C:\WINDOWS ou C:\

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.


6 Lance le nettoyage avec CCleaner


7 Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. 
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.


8 Redémarre normalement

Poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware.

Jeremie · Answer

Ok j'ai fait ce que tu m'as dit. Voila le rapport AVG Anti-spyware

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	12:55:19 26/12/2006

 + Résultat de l'analyse:	



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bargain Buddy -> Adware.BargainBuddy : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Fichiers communs\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/RemoveWebDP.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfo.ocx -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfom.dll -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196425.exe/nfomon.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199995.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32
fomon
fo.ocx -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32
fomon
fom.dll -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32
fomon
fomon.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\CLSID\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196329.exe -> Adware.Maxifiles : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\backups\backup-20061226-095033-192.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196271.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196291.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196414.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP950\A0196555.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199996.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199997.exe -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0201016.dll -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196276.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196278.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196365.dll -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199246.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199289.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199291.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199293.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199295.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP14\A0000861.exe -> Backdoor.Agobot : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP18\A0002339.exe -> Backdoor.Agobot : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196296.rbf -> Backdoor.MSNMaker.ab : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196270.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196292.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0197208.exe -> Downloader.Agent.bca : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196333.EXE -> Downloader.PurityScan.dy : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\MsgPlus-252.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{A173D176-77CA-4110-8485-E3078F59BF84}\RP48\A0117549.exe -> Downloader.Swizzor.ck : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP954\A0196661.exe -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP955\A0197159.EXE -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\in10b6s.dlltmp -> Dropper.Small.abe : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196275.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196277.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199288.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199290.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199292.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0199294.dll -> Logger.Delf.mk : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL.rar/PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE + SP6\Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL.rar/PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE\PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6.zip/Protel 99 SE + ServicePack 6/Crack/Protel 99 SE + SP6/Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6.zip/Protel 99 SE + ServicePack 6/Crack/Protel 99 SE/PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE + SP6\Protel99_SP6.zip/Protel99_ServicePack_6.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Wanadoo\abdallah.bouchourl\3ème année\PROTEL\Protel.99.SE.+.ServicePack.6\Protel 99 SE + ServicePack 6\Crack\Protel 99 SE\PROTEL_P.EXE -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Abdellah\Cookies\abdellah@ilead.itrack[2].txt -> TrackingCookie.Itrack : Nettoyé.
C:\Documents and Settings\Abdellah\Cookies\abdellah@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196273.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196290.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP948\A0196416.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP950\A0196556.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP952\A0196617.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP957\A0197207.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP946\A0196272.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196325.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196327.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196331.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196334.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP947\A0196367.exe -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

************************************************************************************************************

Et voila le nouveau hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 13:04:26, on 26/12/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset
od32krn.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Eset
od32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\TribalWeb.net	ribalweb.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton AntiVirus
avapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Automation
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset
od32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Mini-XP] C:\Program Files\Minimizer XP\Mini-XP.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - Startup: TribalWeb.net.lnk = C:\Program Files\TribalWeb.net	ribalweb.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096197995560
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{330E57BF-BEC6-453F-8B34-87CCB0C02D65}: NameServer = 212.27.54.252,213.228.0.23
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Auto RTPatch Scheduler - Pocket Soft, Inc. - C:\PROGRA~1\FICHIE~1\POCKET~1\RTPatch\AutoRTP\artpschd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
avapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Utilisateur anonyme · Answer

Bien, HijackThis est propre.

AVG a fini le travail.

Tu as deux antivirus, supprime en un, il y a risque de conflit.


Fais une analyse antivirus en ligne sur Kaspersky
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.

jeremie · Answer

ok je vais en supprimer un.
Voilà le rapport Kaspersky, il m'a trouvé un paquet de virus...

-------------------------------------------------------------------------------
 KASPERSKY ON-LINE SCANNER REPORT
 Wednesday, December 27, 2006 12:43:25 PM
 Système d'exploitation : Microsoft Windows XP Professional,  (Build 2600)
 Kaspersky On-line Scanner version : 5.0.83.0
 Dernière mise à jour de la base antivirus Kaspersky : 27/12/2006
 Enregistrements dans la base antivirus Kaspersky : 240194
-------------------------------------------------------------------------------

Paramètres d'analyse:
	Analyser avec la base antivirus suivante: standard
	Analyser les archives: vrai
	Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
	A:\
	C:\
	D:\
	F:\
	L:\

Statistiques de l'analyse:
	Total d'objets analysés: 113680
	Nombre de virus trouvés: 51
	Nombre d'objets infectés: 195 / 0
	Nombre d'objets suspects: 2
	Durée de l'analyse: 02:48:18

Nom de l'objet infecté / Nom du virus / Dernière action
C:\bd79b06ac59a775156ac0b765423\sp1\update\kb823980.cat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Application Data\Azureus\ipfilter.cache	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Cookies\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\cert\cert8.db	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\cert\key3.db	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Application Data\Pando\Pando Files\pando.log	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Historique\History.IE5\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Historique\History.IE5\MSHist012006122720061228\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Temp\hsperfdata_abdel\3220	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Temp\mpl3AD.tmp	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Temp\Perflib_Perfdata_10c.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Temp\~DF5080.tmp	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\Local Settings\Temporary Internet Files\Content.IE5\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel\NTUSER.DAT	L'objet est verrouillé	ignoré
C:\Documents and Settings\abdel
tuser.dat.LOG	L'objet est verrouillé	ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24aeb104470ffbd69ad47a1f3c52f12d_268ea376-fff5-42bb-91fa-daa497194321	L'objet est verrouillé	ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\511a0f3f9e960fa97de3d0b74adfc574_268ea376-fff5-42bb-91fa-daa497194321	L'objet est verrouillé	ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec\Common Client\settings.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT	L'objet est verrouillé	ignoré
C:\Documents and Settings\LocalService.AUTORITE NT
tuser.dat.LOG	L'objet est verrouillé	ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	L'objet est verrouillé	ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	L'objet est verrouillé	ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT	L'objet est verrouillé	ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT
tuser.dat.LOG	L'objet est verrouillé	ignoré
C:\Program Files\ESET\cache\CACHE.NDB	L'objet est verrouillé	ignoré
C:\Program Files\ESET\infected\2KZ1M3DA.NQF	Infecté : Trojan-Downloader.Win32.VB.ft	ignoré
C:\Program Files\ESET\infected\EAHNYQCA.NQF	Infecté : Trojan-Downloader.Win32.PurityScan.co	ignoré
C:\Program Files\ESET\infected\ECT2SXDA.NQF	Infecté : Trojan-Downloader.Win32.PurityScan.co	ignoré
C:\Program Files\ESET\infected\MQRU1FCA.NQF	Infecté : Trojan-Downloader.Win32.PurityScan.co	ignoré
C:\Program Files\ESET\infected\RYCG2ICA.NQF	Infecté : Trojan-Downloader.Win32.VB.ft	ignoré
C:\Program Files\ESET\infected\VN0IYFCA.NQF	Infecté : Trojan-Downloader.Win32.VB.ft	ignoré
C:\Program Files\ESET\logs\virlog.dat	L'objet est verrouillé	ignoré
C:\Program Files\ESET\logs\warnlog.dat	L'objet est verrouillé	ignoré
C:\Program Files\Norton AntiVirus\AVApp.log	L'objet est verrouillé	ignoré
C:\Program Files\Norton AntiVirus\AVError.log	L'objet est verrouillé	ignoré
C:\Program Files\Norton AntiVirus\AVVirus.log	L'objet est verrouillé	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\035A18A9.tmp	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\03EE187D.tmp	Infecté : Backdoor.Win32.Wootbot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\05267DB5.class	Infecté : Trojan-Dropper.Java.Small.d	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\056D3207.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\059753D9.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\05C51FA6.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\06001366.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\064B5913.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\066B7CEF.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0AB16B1A.tmp	Infecté : Backdoor.Win32.Wootbot.j	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0B4D681E.tmp	Infecté : Backdoor.Win32.Jeemp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0BAA65F8.dll	Infecté : Backdoor.Win32.Afcore.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0BAA65F8.exe	Infecté : Backdoor.Win32.Wootbot.u	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0BAD0FF5.dll	Infecté : Backdoor.Win32.Afcore.as	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0C0B0916.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0C441B50.exe	Infecté : Backdoor.Win32.Wootbot.j	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0C47454C.exe	Infecté : Backdoor.Win32.Wootbot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0E0A2992.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0E7B51AF	Infecté : Trojan-Downloader.Win32.Small.amr	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0ED6338B.htm	Suspect : Exploit.HTML.Mht	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\0FC906B8	Infecté : Trojan-Downloader.Win32.IstBar.aj	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\139A769C.exe	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\13BE08D3	Infecté : Trojan-Dropper.Win32.Small.ht	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\13C7350B.exe	Infecté : Backdoor.Win32.Apdoor.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\148E3630	Infecté : Trojan.JS.StartPage.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\14AB3AA8	Infecté : Trojan-Downloader.Win32.Swizzor.ca	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\14AD1A02	Infecté : Trojan-Downloader.Win32.Small.id	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\14E379D2	Infecté : Trojan.JS.StartPage.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\15A17D02.exe	Infecté : Trojan-Downloader.Win32.Brok	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\17185965	Infecté : Backdoor.Win32.Jeemp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\18347DA7.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\18CF3FE5.tmp	Infecté : Backdoor.Win32.Wootbot.u	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\18D369E1.tmp	Infecté : Trojan-Downloader.Win32.Brok	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\19191930.exe	Infecté : Backdoor.Win32.Jeemp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\19D04867	Infecté : Backdoor.Win32.Apdoor.g	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\1A4C03DF	Infecté : Trojan-Downloader.VBS.Wipup	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\1ADE5ACF	Infecté : Trojan-Downloader.Win32.IstBar.er	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\1C4A199F.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\1E256FF4.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\203D5600	Infecté : Trojan-Downloader.Win32.IstBar.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\21A825C5	Infecté : Trojan-Downloader.Win32.Small.id	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\21AB4FC1	Infecté : Trojan-Downloader.Win32.Small.id	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\21B223BA	Infecté : Trojan-Downloader.Win32.Esepor.m	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2363130F.tmp	Suspect : Exploit.HTML.Mht	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\23E6027E.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\23F11D66	Infecté : Trojan-Downloader.Win32.IstBar.aj	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\23F8715F	Infecté : Trojan-Downloader.Win32.Small.id	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\23FB1B5C	Infecté : Trojan-Downloader.Win32.IstBar.ag	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\23FE4558	Infecté : Backdoor.Win32.Prosiak.070	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24026F54	Infecté : Trojan-Downloader.Win32.Esepor.x	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24051951	Infecté : Trojan-Downloader.Win32.Esepor.i	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\240A5057.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2431482C.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24551604.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\248037D5.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24844CE2.EXE	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24B12D9F.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\24DE796D.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\25406501.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2557537E.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\25A25095.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\25DD4455.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2611641B.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\264F01D7.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\26874B9A.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\26DF3939.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\27347CDB.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\27A31061.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\27F85404.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\28536B9F.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\28AB593E.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\28F374EF.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\29450E95.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\29B4221B.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\29F97EE0.EXE	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2A265F9D.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2AC014F4.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2B2B7E7E.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2BA165FC.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2BC75E59.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2BCE11FF	Infecté : Trojan-Downloader.Win32.Agent.ae	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2C13237F.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2C7F0D08.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2CDE4EA0.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2D403A34.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2DA879C1.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2E285F35.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2E8A4AC9.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2EE73387.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2F09303D.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\2F8F69AA.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\30281F01.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\307364AE.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3094088A.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\30EC7629.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\31136DFE.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3179038F.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\31E1431C.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\324743BD.EXE	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3260288F.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\32F65B10.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\32F733EA.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\33866B4C.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\33977775.tmp	Infecté : Backdoor.Win32.Jeemp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\34471878.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\354667F2.tmp	Infecté : Trojan-Downloader.Win32.Small.us	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\35C872D0.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\36517D15	Infecté : Trojan-Downloader.Win32.Esepor.ab	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\36834C03.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\375E4F9D	Infecté : Trojan-DDoS.Win32.UdoDos.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\37A23AC7.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\38AE2DA0.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\38EF799D.tmp	Infecté : Backdoor.Win32.Wootbot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\39B9207A.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\39F82946.SPL	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3AD3141F.exe	Infecté : Virus.Win32.Tenga.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3B5B1EAE.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3B646D38.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3B786923.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3B8B650D.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3CD453EB.exe	Infecté : Virus.Win32.Tenga.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3CF41EEC.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3D320EF2	Infecté : Trojan.Win32.Favadd.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3D975239.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3E1D0BA5.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3EA34512.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3F49225B.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3F613EDD.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3F741676	Infecté : Trojan-Downloader.Win32.Small.us	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3FA73488.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\3FD82A52.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\403A15E6.exe	Infecté : Backdoor.Win32.SdBot.xm	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\413D19F8.tmp	Infecté : Trojan-Downloader.Win32.Brok	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\415E5E11.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\43F42937.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\446E5920	Infecté : Trojan-Downloader.Win32.Esepor.m	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\44A45021.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\44DE0ED9	Infecté : Trojan-Downloader.Win32.Esepor.d	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\45176E2E.tmp	Infecté : Trojan-Downloader.VBS.Wipup	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\47804150.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\4C675FEF.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\4EE53C02	Infecté : Trojan-Downloader.Win32.IstBar.er	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5079491A.tmp	Infecté : Trojan-Downloader.Win32.Brok	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\50B90348.tmp	Infecté : Trojan.JS.StartPage.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\545C53E5.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58A42CD0.tmp	Infecté : Backdoor.Win32.Wootbot.u	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58A756CD.tmp	Infecté : Trojan-Downloader.Win32.Brok	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58B728BB.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58BA52B7.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58C126B0.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58C450AD.tmp	Infecté : Trojan.Win32.Favadd.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58CE4EA2.tmp	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58D1789E.tmp	Infecté : Trojan-Downloader.BAT.Ftp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\58D5229B.tmp	Infecté : Exploit.HTML.CodeBaseExec	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\59682719	Infecté : Trojan.Win32.Dialer.bh	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\598553AC	Infecté : Trojan-Downloader.BAT.Ftp.c	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5A757801	Infecté : Trojan-Downloader.Win32.Esepor.m	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5B0B03CF.exe	Infecté : Backdoor.Win32.Agobot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5B723CF8.exe	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5BCA31A3.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\5D0E4A10.exe	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\62B44C70.exe	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\63255988.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\63AC25FA.tmp	Infecté : Backdoor.Win32.SdBot.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\63EE4DF4.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\64B25437.htm	Infecté : Exploit.HTML.CodeBaseExec	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\64F86317	Infecté : Trojan-Downloader.Win32.IstBar.ag	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\660533FF	Infecté : Trojan-Clicker.Win32.Small.an	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\677A5E97	Infecté : Trojan-Downloader.Win32.Swizzor.ca	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\67F638DC	Infecté : Trojan-Downloader.Win32.IstBar.gen	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6ABD2F8E	Infecté : Backdoor.Win32.Prosiak.070	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6B73797C/data0001	Infecté : Trojan-Downloader.NSIS.Agent.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6B73797C	NSIS: infecté - 1	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6B73797C	CryptFF: infecté - 1	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6CEF5F78.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6EE44DD5	Infecté : Trojan.Win32.Dialer.bh	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\6F7E09F2.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\70891F16	Infecté : Trojan-Downloader.Win32.Esepor.j	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\71966FFE	Infecté : Trojan-Downloader.Win32.Esepor.h	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\72A733A6	Infecté : Trojan-Clicker.Win32.Small.an	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\74A27B3D.tmp	Infecté : Trojan.JS.StartPage.a	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\75EC722B.tmp	Infecté : Backdoor.Win32.Agobot.nq	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\75FA648C	Infecté : Trojan-Downloader.Win32.Small.fv	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\780B416A.htm	Infecté : Exploit.HTML.IframeBof	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\780F6B66.txt	Infecté : Trojan-Downloader.Win32.Agent.ki	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7B743BF9.tmp	Infecté : Backdoor.Win32.Wootbot.j	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7C047D12.class	Infecté : Exploit.Java.ByteVerify	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7C195B15	Infecté : Trojan-Downloader.Win32.Esepor.u	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7C6368C1	Infecté : Trojan-Downloader.Win32.Esepor.x	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7DB3479F	Infecté : Trojan-Downloader.Win32.Agent.ae	ignoré
C:\Program Files\Norton AntiVirus\Quarantine\7F1630D9	Infecté : Trojan-Downloader.Win32.Swizzor.cw	ignoré
C:\Program Files\Yahoo!\Messenger\ypager.log	L'objet est verrouillé	ignoré
C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP3\A0000560.exe	L'objet est verrouillé	ignoré
C:\System Volume Information\_restore{5D16B421-E256-4E01-A0FF-6F9A9AABE186}\RP3\A0000561.dll	L'objet est verrouillé	ignoré
C:\System Volume Information\_restore{5D92E115-EBE9-424A-8FD7-F87533B7F2AB}\RP958\change.log	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 101 - The Target [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 102 - The Detail [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 103 - The Buys [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 104 - Old Cases [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 105 - The Pager [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 106 - The Wire [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 107 - One Arrest [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 108 - Lessons [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 109 - Game Day [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 110 - The Cost [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 111 - The Hunt [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 112 - Cleaning Up [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 1 complete\The Wire - 113 - Sentencing [FuckGov].mkv	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 201 - Ebb Tide [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 202 - Collateral Damage [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 203 - Hot Shots [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 204 - Hard Cases [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 205 - Undertow [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 206 - All Prologue [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 207 - Backwash [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 208 - Duck and Cover [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 209 - Stray Rounds [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 210 - Storm Warnings [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 211 - Bad Dreams [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 2 complete\The Wire - 212 - Port in a Storm [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e01 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e02 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e03 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e04 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e05 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e06 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e07 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e08 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e09 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e10 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e11 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\video\SERIES\The Wire - season 3 complete	he.wire.s03e12 [FuckGov].avi	L'objet est verrouillé	ignoré
C:\WINDOWS\Debug\oakley.log	L'objet est verrouillé	ignoré
C:\WINDOWS\Debug\PASSWD.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\SchedLgU.Txt	L'objet est verrouillé	ignoré
C:\WINDOWS\Sti_Trace.log	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\AppEvent.Evt	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\default	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\default.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SAM	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SAM.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SecEvent.Evt	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SECURITY	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SECURITY.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\software	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\software.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\SysEvent.Evt	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\system	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\system.LOG	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\esnecil.ind	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\h323log.txt	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	L'objet est verrouillé	ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	L'objet est verrouillé	ignoré
C:\WINDOWS\wiadebug.log	L'objet est verrouillé	ignoré
C:\WINDOWS\wiaservc.log	L'objet est verrouillé	ignoré

Analyse terminée.



MERCI A+

Utilisateur anonyme · Answer

Bonjour

Les fichiers infectés sont dans les quarantaines de tes antivirus.

Supprime un des antivirus et vide la quarantaine de l'autre.


As tu encore des dysfonctionnements ?

jeremie · Answer

Ah ok pas de problèmes alors...à priori tout va bien maintenant...
Merci pour ton aide.
Sinon tu conseillerais quoi comme anti-virus? D'autres soft à lancer régulèrement? En gros, que faire  pour minimiser les risques de choper des virus?
MERCI

Utilisateur anonyme · Answer

Re


Pour mieux sécuriser ton PC

https://forum.pcastuces.com/default.asp

Utilisateur anonyme · Answer

Bonjour


Poste déja un rapport HijackThis
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

[Virus] Msn + d'autres cochonneries

11 réponses

Votre réponse

Discussions similaires

Newsletters