[Virus] Pop up serwab, drive cleaner etc...

Résolu
juju4444 Messages postés 5 Date d'inscription   Statut Membre -  
juju4444 Messages postés 5 Date d'inscription   Statut Membre -
Bonjour à tous,

Cela fait quelques mois que je me traîne plusieurs pop-up comme drivecleaner, amaena, winantivirus2006, betclic, casino ...
J'en ai bien sur, par dessus la tête ! J'ai donc fait un tour sur quelques sujets de votre site mais je n'ai pas réussi à éradiquer ce problème...
J'ai fait un rapport HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 14:52:23, on 14/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\KMaestro\Key_f.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Documents and Settings\OKERMAN\Menu Démarrer\Programmes\Démarrage\Calc.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\OKERMAN\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {622264E1-7BC3-5BE4-AF69-0C095099A832} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre &Magique - {01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - C:\Program Files\Telecom Italia France\Barre Magique 1.05.08.22\Tiscali BBar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\prodsrvs.exe /res
O4 - Startup: Calc.exe
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020124/qtinstall.info.apple.com/qt505/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O18 - Protocol: bw+0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

Merci de me dire comment puis-je faire pour supprimer définitivement ce problème !
Merci (beaucoup) d'avance.
Configuration: Windows XP
Internet Explorer 7.0

8 réponses

  1. Utilisateur anonyme
     
    Bonjour

    Poste ausssi ces rapports.

    $$ Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.
    https://www.f-secure.com/en
    Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

    Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres)

    Copie et colle le contenu de ce rapport dans ta prochaine réponse.

    $$ Télécharge LopxpMH sur ton Bureau.

    http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip

    Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.

    Poste le contenu du rapport qui va s'ouvrir.
    0
  2. juju4444 Messages postés 5 Date d'inscription   Statut Membre
     
    Voila pour le rapport BlackLight :

    02/14/07 20:49:57 [Info]: BlackLight Engine 1.0.55 initialized
    02/14/07 20:49:57 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    02/14/07 20:49:57 [Note]: 7019 4
    02/14/07 20:49:57 [Note]: 7005 0
    02/14/07 20:49:59 [Note]: 7006 0
    02/14/07 20:49:59 [Note]: 7011 1444
    02/14/07 20:50:00 [Note]: 7026 0
    02/14/07 20:50:00 [Note]: 7026 0
    02/14/07 20:50:00 [Note]: 7024 3
    02/14/07 20:50:00 [Info]: Hidden process: C:\windows\system32\kmenav.exe
    02/14/07 20:50:07 [Note]: FSRAW library version 1.7.1021
    02/14/07 20:51:14 [Info]: Hidden file: C:\windows\system32\kmenav.exe
    02/14/07 20:51:14 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KMENAV.DAT
    02/14/07 20:51:16 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KMENAV~1.DAT
    02/14/07 20:51:17 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KMENAV~2.DAT
    02/14/07 20:51:17 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\MCIPSPWA.INI
    02/14/07 20:51:17 [Note]: 10002 2
    02/14/07 20:51:20 [Note]: 2000 1012
    02/14/07 20:51:20 [Note]: 2000 1012
    02/14/07 20:52:28 [Note]: 7007 0

    Et voici le rapport LopxpMH :

    Rapport fait à 20:53:57,03 le 14/02/2007

    ******************************************
    ## Répertoires Application Data

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\Default User\Application Data

    23/11/2001 10:55 <REP> .
    23/11/2001 10:55 <REP> ..
    16/01/2002 17:16 <REP> Identities
    23/11/2001 10:55 <REP> Microsoft
    16/01/2002 17:16 <REP> Microsoft Web Folders
    23/11/2001 10:55 62 desktop.ini
    1 fichier(s) 62 octets
    5 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

    23/11/2001 10:55 <REP> .
    23/11/2001 10:55 <REP> ..
    16/01/2002 17:16 <REP> Microsoft
    16/01/2002 17:16 1ÿ963ÿ860 IconCache.db
    1 fichier(s) 1ÿ963ÿ860 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\All Users\Application Data

    23/11/2001 10:55 <REP> .
    23/11/2001 10:55 <REP> ..
    24/02/2006 18:35 <REP> Apple Computer
    15/01/2006 18:18 <REP> BOONTY
    23/12/2005 10:00 <REP> Lionhead Studios
    16/03/2003 09:42 <REP> Macrovision
    08/11/2006 15:19 <REP> McAfee
    09/09/2005 18:59 <REP> Messenger Plus!
    23/11/2001 10:55 <REP> Microsoft
    18/01/2002 22:36 <REP> MSN6
    30/08/2004 19:07 <REP> pixelStorm
    12/07/2006 22:19 <REP> PlayFirst
    17/04/2002 05:34 <REP> QuickTime
    24/06/2005 17:48 <REP> Real
    26/05/2005 17:50 <REP> Spybot - Search & Destroy
    18/01/2002 10:18 <REP> Symantec
    10/02/2007 19:23 <REP> TEMP
    18/07/2005 11:55 <REP> TuneUp Software
    03/07/2006 22:33 <REP> Windows Genuine Advantage
    18/11/2006 23:31 3ÿ120 118300.34
    23/11/2001 10:55 62 desktop.ini
    10/06/2006 20:22 5ÿ707 QTSBandwidthCache
    3 fichier(s) 8ÿ889 octets
    19 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Microsoft
    15/06/2005 13:37 <REP> Symantec
    0 fichier(s) 0 octets
    4 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Microsoft
    0 fichier(s) 0 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\LocalService\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Microsoft
    02/10/2003 23:06 <REP> PGP
    0 fichier(s) 0 octets
    4 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Microsoft
    19/06/2005 11:02 <REP> Tiscali
    0 fichier(s) 0 octets
    4 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\Propri‚taire\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Identities
    23/11/2001 11:08 <REP> Microsoft
    23/11/2001 11:37 <REP> Microsoft Web Folders
    23/11/2001 11:08 62 desktop.ini
    1 fichier(s) 62 octets
    5 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\Propri‚taire\Local Settings\Application Data

    23/11/2001 11:08 <REP> .
    23/11/2001 11:08 <REP> ..
    23/11/2001 11:08 <REP> Microsoft
    23/11/2001 11:38 1ÿ963ÿ860 IconCache.db
    1 fichier(s) 1ÿ963ÿ860 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\OKERMAN\Application Data

    16/01/2002 17:17 <REP> .
    16/01/2002 17:17 <REP> ..
    02/10/2003 23:09 <REP> Adobe
    10/06/2006 20:01 <REP> Apple Computer
    28/12/2004 10:17 <REP> ArcSoft
    04/01/2007 22:19 <REP> Atari
    28/02/2006 22:02 <REP> EoRezo
    26/05/2004 19:36 <REP> FotoWire
    03/06/2005 20:03 <REP> FUJIFILM
    22/03/2003 13:01 <REP> Games
    23/07/2006 01:28 <REP> Google
    19/01/2002 22:04 <REP> Help
    16/01/2002 17:17 <REP> Identities
    02/10/2003 23:09 <REP> InterTrust
    16/01/2002 17:54 <REP> InterVideo
    27/05/2005 19:23 <REP> Lavasoft
    18/11/2005 17:25 <REP> Lionhead Studios
    12/12/2002 19:23 <REP> Macromedia
    08/11/2006 22:01 <REP> McAfee
    24/06/2005 17:55 <REP> Media Player Classic
    16/01/2002 17:17 <REP> Microsoft
    16/01/2002 17:17 <REP> Microsoft Web Folders
    15/06/2004 21:27 <REP> mioObjects
    18/01/2002 22:36 <REP> MSN6
    02/10/2003 23:04 <REP> PGP
    15/01/2006 18:18 <REP> PlayFirst
    04/02/2007 20:28 <REP> ppstream
    24/06/2005 17:48 <REP> Real
    25/12/2006 10:27 <REP> Sports Interactive
    16/01/2007 18:36 <REP> Sun
    18/01/2002 10:18 <REP> Symantec
    18/07/2005 11:56 <REP> TuneUp Software
    17/02/2006 18:38 <REP> vlc
    30/11/2005 21:10 <REP> XnView
    26/09/2004 19:00 <REP> Yahoo! Messenger
    16/01/2002 17:17 62 desktop.ini
    1 fichier(s) 62 octets
    35 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\OKERMAN\Local Settings\Application Data

    16/01/2002 17:17 <REP> .
    16/01/2002 17:17 <REP> ..
    10/06/2006 20:01 <REP> Apple Computer
    19/07/2006 18:14 <REP> ApplicationHistory
    23/07/2006 01:28 <REP> Google
    19/01/2002 22:04 <REP> Help
    26/01/2002 09:44 <REP> Identities
    15/07/2005 22:47 <REP> IM
    16/01/2002 17:17 <REP> Microsoft
    04/03/2004 19:20 <REP> RcIncidents
    01/06/2006 17:50 <REP> Symantec
    12/01/2004 17:04 <REP> Tiscali
    20/05/2005 19:30 <REP> Wildtangent
    01/06/2006 17:39 <REP> WMTools Downloaded Files
    17/05/2002 22:23 30ÿ208 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    19/07/2006 18:14 130 fusioncache.dat
    22/03/2002 21:46 22ÿ856 GDIPFONTCACHEV1.DAT
    16/01/2002 17:17 2ÿ108ÿ402 IconCache.db
    4 fichier(s) 2ÿ161ÿ596 octets
    14 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\HelpAssistant\Application Data

    03/03/2004 12:43 <REP> .
    03/03/2004 12:43 <REP> ..
    03/03/2004 12:43 <REP> Identities
    03/03/2004 12:43 <REP> Microsoft
    03/03/2004 12:43 <REP> Microsoft Web Folders
    03/03/2004 12:43 62 desktop.ini
    1 fichier(s) 62 octets
    5 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\HelpAssistant\Local Settings\Application Data

    03/03/2004 12:43 <REP> .
    03/03/2004 12:43 <REP> ..
    03/03/2004 12:43 <REP> Microsoft
    03/03/2004 12:43 1ÿ963ÿ860 IconCache.db
    1 fichier(s) 1ÿ963ÿ860 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\TEMP\Application Data

    03/04/2004 12:20 <REP> .
    03/04/2004 12:20 <REP> ..
    03/04/2004 12:20 <REP> Identities
    03/04/2004 12:20 <REP> Microsoft
    03/04/2004 12:20 <REP> Microsoft Web Folders
    03/04/2004 12:20 <REP> PGP
    03/04/2004 12:20 62 desktop.ini
    1 fichier(s) 62 octets
    6 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\TEMP\Local Settings\Application Data

    03/04/2004 12:20 <REP> .
    03/04/2004 12:20 <REP> ..
    03/04/2004 12:20 <REP> Microsoft
    03/04/2004 12:20 1ÿ963ÿ860 IconCache.db
    1 fichier(s) 1ÿ963ÿ860 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\julien\Application Data

    17/10/2004 19:36 <REP> .
    17/10/2004 19:36 <REP> ..
    17/10/2004 19:36 <REP> Identities
    17/10/2004 19:36 <REP> Microsoft
    17/10/2004 19:36 <REP> Microsoft Web Folders
    17/10/2004 19:37 <REP> PGP
    17/10/2004 19:37 62 desktop.ini
    1 fichier(s) 62 octets
    6 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Documents and Settings\julien\Local Settings\Application Data

    17/10/2004 19:36 <REP> .
    17/10/2004 19:36 <REP> ..
    17/10/2004 19:36 <REP> Microsoft
    17/10/2004 19:41 3ÿ584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    17/10/2004 19:37 4ÿ315ÿ110 IconCache.db
    2 fichier(s) 4ÿ318ÿ694 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

    23/11/2001 11:07 <REP> .
    23/11/2001 11:07 <REP> ..
    16/01/2002 17:16 <REP> Identities
    23/11/2001 11:07 <REP> Microsoft
    16/01/2002 17:16 <REP> Microsoft Web Folders
    03/10/2003 07:40 <REP> PGP
    08/06/2004 17:59 <REP> Symantec
    23/11/2001 11:07 62 desktop.ini
    1 fichier(s) 62 octets
    7 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

    23/11/2001 11:07 <REP> .
    23/11/2001 11:07 <REP> ..
    16/01/2002 17:16 <REP> Microsoft
    16/01/2002 17:16 1ÿ963ÿ860 IconCache.db
    1 fichier(s) 1ÿ963ÿ860 octets
    3 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\WINDOWS\Tasks

    08/12/2006 18:49 284 AppleSoftwareUpdate.job
    17/11/2006 18:46 570 Norton AntiVirus - Analyser mon ordinateur - OKERMAN.job
    18/07/2005 11:56 412 Maintenance en 1 clic.job
    02/04/2004 22:47 6 SA.DAT
    23/11/2001 11:02 <REP> ..
    23/11/2001 11:02 <REP> .
    23/11/2001 10:47 65 desktop.ini
    5 fichier(s) 1ÿ337 octets
    2 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres

    ******************************************
    ## Répertoires de C:\Program Files

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 3C20-7EDC

    R‚pertoire de C:\Program Files

    23/11/2001 10:55 <REP> .
    23/11/2001 10:55 <REP> ..
    19/04/2002 18:57 <REP> Adobe
    16/01/2002 17:58 <REP> ahead
    28/08/2006 22:35 <REP> Alwil Software
    08/12/2006 18:48 <REP> Apple Software Update
    28/12/2004 10:10 <REP> ArcSoft
    02/08/2005 11:48 <REP> ArtMoney
    01/10/2003 14:27 <REP> bin
    18/01/2003 22:52 <REP> BoontyGames
    19/12/2001 14:14 <REP> CompaqNET.fr
    18/06/2003 19:46 <REP> Cyanide
    16/07/2005 13:24 <REP> CymFast
    26/05/2004 19:37 <REP> directx
    18/01/2002 20:26 <REP> EA SPORTS
    18/01/2002 20:27 <REP> EACOM
    19/01/2002 16:26 <REP> ECI Telecom
    18/02/2002 17:21 <REP> EHMINSTALL
    26/11/2003 19:44 <REP> Eidos
    10/10/2004 13:10 <REP> eMule
    29/01/2005 18:57 <REP> Enlight
    28/02/2006 22:02 <REP> eoRezo
    01/10/2003 14:27 <REP> etc
    06/02/2006 21:08 <REP> fdjeux
    23/11/2001 10:55 <REP> Fichiers communs
    01/10/2003 14:27 <REP> files
    20/12/2004 11:14 <REP> FileZilla
    03/06/2005 19:52 <REP> FinePixViewer
    05/08/2002 17:57 <REP> Hasbro Interactive
    04/02/2007 21:11 <REP> Instant Access
    31/12/2003 19:01 <REP> InterActual
    23/11/2001 11:02 <REP> Internet Explorer
    19/12/2001 14:14 <REP> InterVideo
    08/12/2006 18:54 <REP> iPod
    08/12/2006 18:53 <REP> iTunes
    13/03/2003 22:03 <REP> Jeux classiques
    23/12/2005 13:40 <REP> JVTorrent
    24/06/2005 17:48 <REP> K-Lite Codec Pack
    17/12/2006 14:49 <REP> Lavasoft
    28/09/2005 16:04 <REP> LHM2005
    18/11/2005 17:13 <REP> Lionhead Studios Ltd
    26/05/2004 19:28 <REP> Logitech
    15/10/2005 17:49 <REP> ManagerX
    08/10/2003 20:29 <REP> Maxis
    30/01/2003 21:02 <REP> MediaLoads
    23/11/2001 11:00 <REP> Messenger
    04/03/2004 18:37 <REP> Messenger Plus! 2
    31/07/2005 17:18 <REP> Messenger Plus! 3
    16/07/2005 00:07 <REP> MessengerPlus! 3
    16/08/2002 13:28 <REP> Micro Application
    03/06/2002 18:50 <REP> Microsoft AutoRoute Express Europe 2000
    23/11/2001 11:05 <REP> microsoft frontpage
    18/01/2002 19:34 <REP> Microsoft Games
    23/11/2001 11:37 <REP> Microsoft Office
    25/12/2002 19:38 <REP> Mindscape
    23/11/2001 11:02 <REP> Movie Maker
    23/11/2001 11:00 <REP> MSN Gaming Zone
    02/03/2004 20:44 <REP> MSN Messenger
    18/03/2004 19:17 <REP> MyWebSearch
    23/11/2001 11:02 <REP> NetMeeting
    19/12/2001 14:14 <REP> NetWaiting
    16/05/2006 19:06 <REP> NewSoft
    17/11/2006 18:39 <REP> Norton AntiVirus
    23/11/2001 11:02 <REP> Outlook Express
    19/07/2006 18:13 <REP> PCMEdit
    15/08/2005 19:37 <REP> PhotoFiltre
    05/04/2004 20:02 <REP> Picasa
    19/08/2006 11:24 <REP> Picasa2
    03/06/2005 19:53 <REP> PIXELA
    04/02/2007 20:28 <REP> PPStream
    17/04/2002 05:33 <REP> QuickTime
    12/07/2006 19:25 <REP> Real
    03/06/2005 19:50 <REP> REGSHAVE
    12/07/2006 19:25 774ÿ144 RngInterstitial.dll
    23/11/2001 11:00 <REP> Services en ligne
    18/01/2002 20:34 <REP> Sierra On-Line
    28/01/2007 14:21 <REP> Sports Interactive
    17/11/2006 18:38 <REP> Symantec
    18/11/2006 13:44 <REP> Symantec Technical Support
    17/11/2006 18:55 <REP> SymNetDrv
    25/08/2005 18:52 <REP> Telecom Italia France
    29/01/2005 23:19 <REP> The Adventure Company
    12/01/2004 17:03 <REP> Tiscali
    27/04/2003 14:24 <REP> Total War
    21/01/2007 20:30 <REP> TuneUp Utilities 2007
    12/04/2006 18:55 <REP> TvAnts
    17/02/2006 18:33 <REP> VideoLAN
    23/06/2005 17:15 <REP> VirginMega
    26/01/2002 09:43 <REP> Wanadoo
    25/12/2005 11:25 <REP> WiFiConnector
    05/01/2007 19:53 <REP> Windows Media Connect 2
    23/11/2001 11:02 <REP> Windows Media Player
    23/11/2001 11:00 <REP> Windows NT
    13/07/2005 15:02 <REP> WinRAR
    23/11/2001 11:05 <REP> xerox
    30/11/2005 21:02 <REP> XnView
    19/12/2001 14:14 <REP> Your Application Name
    1 fichier(s) 774ÿ144 octets
    96 R‚p(s) 14ÿ697ÿ005ÿ056 octets libres

    ******************************************
    ## Popups autorisées

    * Internet Explorer

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
    www.kadokado.com REG_BINARY 0000

    * Mozilla Firefox (1 autorisé 2 interdit)

    ******************************************
    ## Registre

    ******************************************
    ## Zones de sécurité

    * HKCU Domains (4)

    * P3P History (5)

    ******************************************
    ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

    *************** Fin du rapport ****************

    Merci d'avance pour ceux qui voudront bien m'aider !!!
    0
  3. Utilisateur anonyme
     
    Re

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer.


    $$ Télécharge Brute Force Uninstaller (de Merijn)
    http://www.merijn.org/files/bfu.zip
    Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://metallica.geekstogo.com/EGDACCESS.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir trois fichiers dans le dossier C:\BFU.

    $$ Télécharge Navipromo.zip
    http://perso.numericable.fr/~altshift/Info/Fichiers/Navipromo07H.zip
    Décompresse-le sur ton bureau

    $$ Télécharge SDFix sur ton bureau
    http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

    $$ Redémarre en mode Sans Échec : Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
    Démarre l'ordinateur.
    Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
    En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.

    $$ Lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau.
    Sélectionne l'option "Recherche et suppression automatique". Patiente.
    S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
    Lorsqu'il a terminé, ferme le rapport qui s'est ouvert

    * Relance l'outil, Sélectionne l'option "Suppression Heuristique", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert

    $$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

    --- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    toolbar.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\toolbar.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    --- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    EGDACCESS.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    Clique Exit pour fermer le programme BFU.

    $$ Clique sur Démarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd"

    => Supprime-les tous

    $$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
    Double-clique sur RunThis.bat
    Tape Y pour lancer le script.
    Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
    Presse une touche pour redémarrer
    Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

    Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\, le rapport situé ici C:\egd.txt et un nouveau HijackThis.
    0
  4. juju4444 Messages postés 5 Date d'inscription   Statut Membre
     
    Merci beaucoup pour votre aide, voici les rapports que vous m'avez demandé :

    SDFix :

    SDFix: Version 1.65

    Run by: OKERMAN - 14/02/2007 @ 22:51:28,75

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:

    Name:

    Path:

    Restoring Windows Registry Entries
    Restoring Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    Below files will be copied to Backups folder then removed:

    C:\WINDOWS\system32\TFTP3556 - Deleted
    C:\WINDOWS\system32\TFTP2544 - Deleted

    ADS Check:

    C:\WINDOWS\system32
    No streams found.

    Final Check:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\Cyanide\\Cycling Manager 4\\Cym2004.exe"="C:\\Program Files\\Cyanide\\Cycling Manager 4\\Cym2004.exe:*:Enabled:CyclingManager"
    "C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\blobby\\volley.exe"="C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\blobby\\volley.exe:*:Enabled:volley"
    "C:\\WINDOWS\\System32\\dplaysvr.exe"="C:\\WINDOWS\\System32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
    "C:\\WINDOWS\\System32\\rtcshare.exe"="C:\\WINDOWS\\System32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
    "C:\\Program Files\\Micro Application\\Super Jeux de Cartes\\Jeu de Tarot\\Tarot365.exe"="C:\\Program Files\\Micro Application\\Super Jeux de Cartes\\Jeu de Tarot\\Tarot365.exe:*:Enabled:Application Jeu de Tarot"
    "C:\\Program Files\\Cyanide\\Pro Rugby Manager 2005\\Rugby.exe"="C:\\Program Files\\Cyanide\\Pro Rugby Manager 2005\\Rugby.exe:*:Enabled:Pro Rugby Manager 2005"
    "C:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"="C:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe:*:Enabled:GameCenter"
    "C:\\Program Files\\Cyanide\\Pro Cycling Manager Demo\\Cym2005.exe"="C:\\Program Files\\Cyanide\\Pro Cycling Manager Demo\\Cym2005.exe:*:Enabled:Cym2005"
    "C:\\Program Files\\Kazaa\\kazaa.exe"="C:\\Program Files\\Kazaa\\kazaa.exe:*:Disabled:Kazaa Media Desktop"
    "C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Disabled:Windows Messenger"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows® NetMeeting®"
    "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\BIN\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\BIN\\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\\WINDOWS\\System32\\dpnsvr.exe"="C:\\WINDOWS\\System32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\WINDOWS\\System32\\dpvsetup.exe"="C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"="C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe:*:Enabled:Connecteur Wi-Fi USB Nintendo"
    "C:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"="C:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\\Program Files\\TvAnts\\Tvants.exe"="C:\\Program Files\\TvAnts\\Tvants.exe:*:Enabled:Tvants"
    "C:\\Program Files\\Cyanide\\Pro Cycling Manager - Saison 2006 - Demo\\PCM.EXE"="C:\\Program Files\\Cyanide\\Pro Cycling Manager - Saison 2006 - Demo\\PCM.EXE:*:Enabled:pcm"
    "C:\\Program Files\\Cyanide\\Pro Cycling Manager - Saison 2006\\PCM.EXE"="C:\\Program Files\\Cyanide\\Pro Cycling Manager - Saison 2006\\PCM.EXE:*:Enabled:pcm"
    "C:\\WINDOWS\\JAVA\\powerfootball\\PowerFootball-D3D9.exe"="C:\\WINDOWS\\JAVA\\powerfootball\\PowerFootball-D3D9.exe:*:Enabled:PowerFootball-D3D9"
    "C:\\Program Files\\JVTorrent\\btdownloadgui.exe"="C:\\Program Files\\JVTorrent\\btdownloadgui.exe:*:Disabled:btdownloadgui"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\PPLive\\PPLive.exe"="C:\\Program Files\\PPLive\\PPLive.exe:*:Disabled:PPLive"
    "C:\\Program Files\\Fichiers communs\\Synacast\\SynaLive\\PE.exe"="C:\\Program Files\\Fichiers communs\\Synacast\\SynaLive\\PE.exe:*:Disabled:SynacastPE"
    "C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\viviplay.exe"="C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\viviplay.exe:*:Disabled:ViViMediaPlay Microsoft ???????"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\Coolstreaming\\coolstreaming.exe"="C:\\Program Files\\Coolstreaming\\coolstreaming.exe:*:Disabled:coolstreaming"
    "C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\HelpCtr.exe"="C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Sports Interactive\\Football Manager 2007\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2007\\fm.exe:*:Enabled:Football Manager 2007"
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\SopCast_062_fr\\SopCast\\SopCast\\SopCast.exe"="C:\\Documents and Settings\\OKERMAN\\Mes documents\\julien\\SopCast_062_fr\\SopCast\\SopCast\\SopCast.exe:*:Enabled:SoP Client"
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
    "C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPStream"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files:
    ---------------

    Backups Folder: - C:\SDFix\backups\backups.zip

    Checking For Files with Hidden Attributes :

    C:\Program Files\Picasa2\setup.exe
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

    Finished

    NaviPromo :

    Rapport Navipromo.bat 0.71 effectué le 14/02/2007 à 22:42:46,98
    L'opération se déroule en mode sans échec sous le compte "OKERMAN"

    ** Recherche...

    1/ kmenav trouvé, recherche de kmenav*
    C:\WINDOWS\system32\kmenav.exe
    C:\WINDOWS\system32\kmenav.dat
    C:\WINDOWS\system32\kmenav_nav.dat
    C:\WINDOWS\system32\kmenav_navps.dat
    C:\WINDOWS\prefetch\KMENAV.EXE-38E54D36.pf

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    kmenav REG_SZ c:\windows\system32\kmenav.exe kmenav

    ------------------
    Fin du rapport de recherche
    Adware Navipromo trouvé 1 fois avec cette méthode

    ################################################

    ** Nettoyage...

    1/ Déplacement de kmenav* vers C:\Navipromo\Backups...
    C:\WINDOWS\System32\kmenav* déplacé avec succès !
    C:\WINDOWS\prefetch\kmenav* déplacé avec succès

    ------------------
    * Suppression clés et valeurs de registre
    1 entrées de registre netttoyées

    * Backups :

    C:\Navipromo\Backups\HKLMRun.reg
    C:\Navipromo\Backups\HKCURun.reg
    C:\Navipromo\Backups\Uninstall.reg
    C:\Navipromo\Backups\ARPCache.reg
    C:\Navipromo\Backups\kmenav.exe
    C:\Navipromo\Backups\kmenav.dat
    C:\Navipromo\Backups\kmenav_nav.dat
    C:\Navipromo\Backups\kmenav_navps.dat
    C:\Navipromo\Backups\KMENAV.EXE-38E54D36.pf
    C:\Navipromo\Backups\pack.epk

    Ajout d'extension .off aux backups

    ## Fin du rapport de Suppression

    -------------

    Rapport Navipromo.bat 0.72 effectué le 14/02/2007 à 22:43:26,42
    L'opération se déroule en mode sans échec sous le compte "OKERMAN"

    ## Suppression Heuristique

    * Backups :

    Aucun résultat par la recherche heuristique

    ## Fin du rapport Heuristique

    egd :

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KeyMaestro"="C:\\KMaestro\\KMaestro.exe"
    "NeroCheck"="C:\\WINDOWS\\System32\\NeroCheck.exe"
    "TiscaliParam"="C:\\Program Files\\Tiscali\\Dialer\\bootparam.exe"
    "GSICONEXE"="GSICON.EXE"
    "DSLAGENTEXE"="dslagent.exe USB"
    "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
    "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
    "REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
    "MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\""
    "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
    "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
    00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
    5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\
    00,00,00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KeyMaestro]
    "FirstRun"=dword:00000001
    "RepeatFlag"=dword:00000000
    "PowerEnable"=dword:00000001
    "BTCplayEnable"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    HijackThis :

    Logfile of HijackThis v1.99.1
    Scan saved at 23:06:36, on 14/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\KMaestro\Key_f.EXE
    C:\WINDOWS\system32\GSICON.EXE
    C:\WINDOWS\system32\dslagent.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\OKERMAN\Menu Démarrer\Programmes\Démarrage\Calc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {622264E1-7BC3-5BE4-AF69-0C095099A832} - (no file)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre &Magique - {01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - C:\Program Files\Telecom Italia France\Barre Magique 1.05.08.22\Tiscali BBar.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
    O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
    O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Calc.exe
    O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020124/qtinstall.info.apple.com/qt505/fr/win/QuickTimeInstaller.exe
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
    O18 - Protocol: bw+0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

    Là, je vais dormir, je ferais les dernières choses à faire que vous me direz (si il y en a) demain.
    Merci encore !
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Re

    C'est mieux.

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer


    1 Télécharge
    CCleaner.

    http://www.filehippo.com/download_ccleaner.html
    Installe le dans un répertoire dédié.

    AVG Anti-Spyware
    https://www.avg.com/en-ww/free-antivirus-download
    Tu l'installes.
    Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

    2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
    Démarre l'ordinateur.
    Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
    En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

    3 Relance un scan HijackThis et coche les lignes ci-dessous :

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {622264E1-7BC3-5BE4-AF69-0C095099A832} - (no file)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
    O18 - Protocol: bw+0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {CC605355-8C24-4386-BE16-62F2AD2B4623} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
    O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

    Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

    4 Tu clique sur Démarrer puis Exécuter, tu tapes services.msc et tu cliques sur OK.

    Dans la liste des services, cherche et sélectionne
    "Windows Update Service" / double clique sur la ligne
    / vérifie dans Chemin d'accès des fichiers exécutables qu'il
    s'agit bien de "C:\WINDOWS\System32\wuamgrd.exe" / dans Type de démarrage,
    sélectionne Désactiver / valide la modification.

    5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

    C:\WINDOWS\System32\wuamgrd.exe

    6 Lance le nettoyage avec CCleaner

    7 Lance AVG Anti-Spyware
    Clique sur le bouton Analyse (de la barre d'outils)
    Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
    Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
    A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
    Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

    8 Redémarre normalement

    Poste un nouveau log HijackThis avec le rapport d'AVG Anti-Spyware.
    0
  7. juju4444 Messages postés 5 Date d'inscription   Statut Membre
     
    Re voila j'ai fini les manips !

    Voici mes rapports :

    HijackThis :

    Logfile of HijackThis v1.99.1
    Scan saved at 19:45:39, on 15/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\GSICON.EXE
    C:\WINDOWS\system32\dslagent.exe
    C:\KMaestro\Key_f.EXE
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Documents and Settings\OKERMAN\Menu Démarrer\Programmes\Démarrage\Calc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre &Magique - {01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - C:\Program Files\Telecom Italia France\Barre Magique 1.05.08.22\Tiscali BBar.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe
    O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
    O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
    O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Calc.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020124/qtinstall.info.apple.com/qt505/fr/win/QuickTimeInstaller.exe
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    AVG Anti-Spyware :

    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 19:34:58 15/02/2007

    + Résultat de l'analyse:

    C:\System Volume Information\_restore{7D5CE0DA-D4E0-4587-A242-A0D581FF9B59}\RP92\A0014982.exe -> Dialer.InstantAccess.af : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{7D5CE0DA-D4E0-4587-A242-A0D581FF9B59}\RP92\A0014981.exe -> Dialer.InstantAccess.am : Nettoyé et sauvegardé (mise en quarantaine).

    Fin du rapport

    Merci encore pour votre aide ! Au passage, est-ce que je dois supprimer tous les fichiers BFU, AVG, HijackThis ou bien je les garde ?
    0
  8. Utilisateur anonyme
     
    Bonjour

    HijackThis est propre.

    Supprime BlackLight, Lopxpmh, BFU, Navipromo, SDFix.

    Garde CCleaner pour l'utiliser régulièrement et faire du ménage.

    Tu peux faire pareil avec AVG anti-spyware.

    As tu encore des dysfonctionnements ?
    0
  9. juju4444 Messages postés 5 Date d'inscription   Statut Membre
     
    Non tout à l'air de marcher très bien, je n'ai plus aucun pop-up merci beaucoup pour tout... c'est beaucoup mieux !!!

    A bientôt !
    0