Fenètres intenpestives et ordinateur ralenti
gael22
-
papyber Messages postés 6430 Statut Contributeur sécurité -
papyber Messages postés 6430 Statut Contributeur sécurité -
Bonjour,
Depuis quelques temps, je vois apparaitre des fenètres intempestives lorsque je surf sur internet (casino, video gag, navisearch, system doctor...). J'ai également Crazy girl qui s'installe tout seul sur mon bureau. Je désinstalle il se resinstalle tout seul. La taille des lettres sur google change toute seul. Parfois on ne peut plus lire ce qui est écrit tellement c'est petit. Habituellement je surfais à partir d'aol vu les désagréments, je suis passé par fire fox, mais aujourd'hui il est également envahi. Je scanne régulièrement avec spy bot, adaware, et mon anti-virus bitdefender mais pas d'amélioration. je fais donc appelle à vos lumières.
En vous remerciant par avance pour vos réponses.
Depuis quelques temps, je vois apparaitre des fenètres intempestives lorsque je surf sur internet (casino, video gag, navisearch, system doctor...). J'ai également Crazy girl qui s'installe tout seul sur mon bureau. Je désinstalle il se resinstalle tout seul. La taille des lettres sur google change toute seul. Parfois on ne peut plus lire ce qui est écrit tellement c'est petit. Habituellement je surfais à partir d'aol vu les désagréments, je suis passé par fire fox, mais aujourd'hui il est également envahi. Je scanne régulièrement avec spy bot, adaware, et mon anti-virus bitdefender mais pas d'amélioration. je fais donc appelle à vos lumières.
En vous remerciant par avance pour vos réponses.
A voir également:
- Fenètres intenpestives et ordinateur ralenti
- Pc ralenti - Guide
- Comment réinitialiser un ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Mettre une vidéo au ralenti iphone - Guide
- # Sur ordinateur - Guide
7 réponses
Télécharge Blacklight (le 1er de la page)
https://europe.f-secure.com/exclude/blacklight/index.shtml
Enregistre le sur ton Bureau.
Double-clique blbeta.exe
Clique sur "I ACCEPT" .
clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
poste ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite car des fichiers légitimes peuvent être présents, tel wbemtest.exe
télécharge et installe le logiciel HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
et poste le rapport
https://europe.f-secure.com/exclude/blacklight/index.shtml
Enregistre le sur ton Bureau.
Double-clique blbeta.exe
Clique sur "I ACCEPT" .
clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport,
sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
poste ce rapport dans ta prochaine réponse.
NE PAS choisir l'option "Rename" de suite car des fichiers légitimes peuvent être présents, tel wbemtest.exe
télécharge et installe le logiciel HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
et poste le rapport
· Télécharge Brute Force Uninstaller (de Merjin)
http://www.merijn.org/files/bfu.zip
et décompresse-le dans un dossier propre à lui (C:\BFU).
Fais un clic droit de souris sur ce lien :
http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..") afin de télécharger EGDACCESS.bfu, Type "Tous les fichiers". Sauvegarde dans le dossier créé (C:\BFU).
· télécharge Winsoftware.bfu et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..")
afin de télécharger Winsoftware.bfu, Type "Tous les fichiers".
http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu
Sauvegarde dans le dossier créé (c:\BFU)
· Télécharge Navipromo.zip (de Lazzzy)
http://www.alt-shift-return.org/Info/Fichiers/Navipromo07H.zip
et décompresse-le sur ton bureau.
· Copie la suite des instructions dans un fichier texte, sur ton bureau et Redémarre en mode sans échec
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou autre.
Lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau.
· Options :
Sélectionne l'option "Recherche et suppression automatique". Patiente.
·
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé puis valide en appuyant sur Entrée.
·
Relance l'outil, Sélectionne l'option "Suppression Heuristique", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Démarre le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : EGDACCESS.bfu
Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK. Clique exit pour fermer le programme BFU.
Recommence encore une fois l'éxécution du script Egdaccess.BFU
Démarre encore le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : Winsoftware.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK.
Clique exit pour fermer le programme BFU.
Recommence encore une fois
Démarrer -> panneau de configuration -> options internet.
o Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :
electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd
Supprime-les tous.
Redémarre normalement et poste le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\
et un hijack this
http://www.merijn.org/files/bfu.zip
et décompresse-le dans un dossier propre à lui (C:\BFU).
Fais un clic droit de souris sur ce lien :
http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..") afin de télécharger EGDACCESS.bfu, Type "Tous les fichiers". Sauvegarde dans le dossier créé (C:\BFU).
· télécharge Winsoftware.bfu et choisis "Enregistrer sous" (dans IE c'est "Enregistrer le lien sous..")
afin de télécharger Winsoftware.bfu, Type "Tous les fichiers".
http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu
Sauvegarde dans le dossier créé (c:\BFU)
· Télécharge Navipromo.zip (de Lazzzy)
http://www.alt-shift-return.org/Info/Fichiers/Navipromo07H.zip
et décompresse-le sur ton bureau.
· Copie la suite des instructions dans un fichier texte, sur ton bureau et Redémarre en mode sans échec
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou autre.
Lance le fichier Navipromo.bat qui se trouve dans le dossier Navipromo, sur ton bureau.
· Options :
Sélectionne l'option "Recherche et suppression automatique". Patiente.
·
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé puis valide en appuyant sur Entrée.
·
Relance l'outil, Sélectionne l'option "Suppression Heuristique", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Démarre le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : EGDACCESS.bfu
Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK. Clique exit pour fermer le programme BFU.
Recommence encore une fois l'éxécution du script Egdaccess.BFU
Démarre encore le "Brute Force Uninstaller" en double-cliquant sur BFU.exe.
Clique sur le petit dossier jaune, à la droite de la boîte "Scriptline to execute", et double-clique sur : Winsoftware.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attendre que "Complete script execution" apparaîsse et clique sur OK.
Clique exit pour fermer le programme BFU.
Recommence encore une fois
Démarrer -> panneau de configuration -> options internet.
o Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :
electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd
Supprime-les tous.
Redémarre normalement et poste le contenu du fichier Navipromo.txt qui se trouve dans Poste de travail > disque C:\
et un hijack this
tu feras aussi ceci
Télécharge LopXPMH sur ton Bureau.
http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2_Beta.zip
Dézippe-le et double clique sur le fichier lopxpMH.bat.
Poste le contenu du rapport qui va s'ouvrir.
Télécharge LopXPMH sur ton Bureau.
http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2_Beta.zip
Dézippe-le et double clique sur le fichier lopxpMH.bat.
Poste le contenu du rapport qui va s'ouvrir.
Bonsoir papyber,
J'ai suivi tes recommandations. Tout d'abord, voici le rapport lop:
Rapport fait à 21:07:31,28 le 25/03/2007
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\All Users\Application Data
23/06/2005 22:55 <REP> .
23/06/2005 22:55 <REP> ..
23/06/2005 23:10 <REP> Adobe
30/12/2005 17:01 <REP> AOL
07/10/2006 20:44 <REP> AOL Downloads
18/07/2006 20:19 <REP> Apple Computer
23/06/2005 23:11 <REP> CyberLink
26/11/2005 09:42 <REP> eConsole
23/06/2005 22:55 <REP> Microsoft
08/07/2006 17:33 <REP> NtiDvdCopy
27/11/2005 14:38 <REP> nView_Profiles
27/12/2005 09:47 <REP> QuickTime
21/12/2005 20:29 <REP> SBT
02/01/2006 21:11 <REP> Spybot - Search & Destroy
23/06/2005 23:13 <REP> Symantec
30/12/2005 18:09 <REP> UDL
30/12/2005 17:03 <REP> Viewpoint
29/06/2006 06:48 <REP> Windows Genuine Advantage
24/09/2006 09:19 <REP> Yahoo! Companion
23/06/2005 22:56 62 desktop.ini
07/12/2006 14:42 0 ISx14.tmp
07/12/2006 14:49 0 ISx15.tmp
07/12/2006 14:58 0 ISx2B.tmp
09/12/2006 17:53 0 ISxA2.tmp
09/12/2006 18:09 0 ISxA3.tmp
09/12/2006 18:10 0 ISxA4.tmp
07/12/2006 17:22 0 ISxBB.tmp
8 fichier(s) 62 octets
19 R‚p(s) 61ÿ622ÿ476ÿ800 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Confo\Application Data
22/11/2005 19:40 <REP> .
22/11/2005 19:40 <REP> ..
22/11/2005 19:40 <REP> Adobe
08/12/2005 15:25 <REP> AdobeUM
30/12/2005 17:04 <REP> AOL
18/07/2006 20:47 <REP> Apple Computer
13/11/2006 18:08 <REP> ArcSoft
02/12/2005 17:47 <REP> CyberLink
02/12/2006 20:13 <REP> dvdcss
04/03/2006 15:08 <REP> EPSON
18/12/2005 21:13 <REP> FUJIFILM
30/12/2005 22:00 <REP> Google
27/12/2005 19:14 <REP> Help
22/11/2005 19:40 <REP> Identities
31/12/2005 14:23 <REP> Lavasoft
30/12/2005 17:25 <REP> Macromedia
22/11/2005 19:40 <REP> Microsoft
21/12/2005 20:18 <REP> Microsoft Web Folders
29/10/2006 22:35 <REP> Mozilla
09/02/2006 20:19 <REP> MSNInstaller
03/05/2006 14:56 <REP> Orph‚e D‚veloppement
24/02/2007 22:20 <REP> Real
21/01/2006 16:45 <REP> Sun
22/11/2005 19:40 <REP> Symantec
09/07/2006 10:33 <REP> U3
11/12/2006 00:27 <REP> vlc
30/12/2005 17:03 <REP> You've Got Pictures Screensaver
22/11/2005 19:40 62 desktop.ini
1 fichier(s) 62 octets
27 R‚p(s) 61ÿ622ÿ476ÿ800 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Confo\Local Settings\Application Data
22/11/2005 19:40 <REP> .
22/11/2005 19:40 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
02/10/2006 18:21 <REP> AOL
18/07/2006 20:47 <REP> Apple Computer
30/12/2005 22:00 <REP> Google
27/12/2005 19:14 <REP> Help
04/12/2005 11:54 <REP> Identities
22/11/2005 19:40 <REP> Microsoft
29/10/2006 22:35 <REP> Mozilla
21/02/2007 00:33 <REP> RcIncidents
16/01/2006 20:42 <REP> toaster
25/11/2005 18:49 <REP> WMTools Downloaded Files
18/12/2005 21:32 79ÿ360 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
26/11/2005 09:43 81ÿ976 GDIPFONTCACHEV1.DAT
2 fichier(s) 161ÿ336 octets
14 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Default User\Application Data
23/06/2005 22:55 <REP> .
23/06/2005 22:55 <REP> ..
22/11/2005 19:40 <REP> Adobe
22/11/2005 19:40 <REP> Identities
23/06/2005 22:55 <REP> Microsoft
22/11/2005 19:40 <REP> Symantec
23/06/2005 22:56 62 desktop.ini
1 fichier(s) 62 octets
6 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
23/06/2005 22:56 <REP> .
23/06/2005 22:56 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
23/06/2005 23:01 <REP> Microsoft
22/11/2005 19:40 2ÿ661ÿ402 IconCache.db
1 fichier(s) 2ÿ661ÿ402 octets
5 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\LocalService\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\NetworkService\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
10/01/2007 16:50 <REP> PCHealth
0 fichier(s) 0 octets
4 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
23/06/2005 23:03 <REP> .
23/06/2005 23:03 <REP> ..
22/11/2005 19:40 <REP> Adobe
22/11/2005 19:40 <REP> Identities
23/06/2005 23:03 <REP> Microsoft
22/11/2005 19:40 <REP> Symantec
23/06/2005 23:03 62 desktop.ini
1 fichier(s) 62 octets
6 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
23/06/2005 23:03 <REP> .
23/06/2005 23:03 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
23/06/2005 23:03 <REP> Microsoft
22/11/2005 19:40 2ÿ661ÿ402 IconCache.db
1 fichier(s) 2ÿ661ÿ402 octets
5 R‚p(s) 61ÿ622ÿ468ÿ608 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\MP
MP inexploitable
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Program Files
21/03/2007 22:00 <REP> .
21/03/2007 22:00 <REP> ..
23/06/2005 23:11 <REP> acer
23/06/2005 23:10 <REP> Adobe
23/06/2005 23:12 <REP> AMD
07/10/2006 20:45 <REP> AOL
21/02/2007 01:01 <REP> AOL 9.0
20/11/2006 16:20 <REP> AOL 9.0d
22/01/2007 18:02 <REP> AOL Compagnon
06/01/2007 14:20 <REP> AOL Toolbar
28/02/2007 23:56 <REP> CCleaner
30/12/2005 21:34 <REP> Celestia
23/06/2005 23:00 <REP> ComPlus Applications
23/06/2005 23:11 <REP> CyberLink
24/12/2005 14:40 <REP> directx
08/07/2006 14:22 <REP> DVD Decrypter
30/12/2005 18:10 <REP> epson
24/02/2007 22:24 <REP> Fichiers communs
06/03/2007 12:01 <REP> FinePixViewer
23/02/2007 00:42 <REP> Google
03/08/2006 17:55 461 INSTALL.LOG
20/02/2007 00:21 <REP> Internet Explorer
21/09/2005 16:15 <REP> Java
28/10/2006 11:09 <REP> Lavasoft
30/12/2005 17:03 <REP> Learn2.com
07/12/2006 14:31 <REP> Logitech
23/06/2005 22:59 <REP> Messenger
25/03/2007 21:01 <REP> Microsoft AntiSpyware
21/12/2005 20:28 <REP> microsoft frontpage
21/12/2005 20:29 <REP> Microsoft Office
06/05/2006 16:51 <REP> Mindscape
23/06/2005 23:00 <REP> Movie Maker
24/03/2007 15:07 <REP> Mozilla Firefox
28/11/2005 18:56 <REP> MSN
23/06/2005 22:59 <REP> MSN Gaming Zone
26/02/2007 10:14 <REP> MSN Messenger
08/12/2006 22:49 <REP> MSXML 4.0
23/06/2005 23:00 <REP> NetMeeting
23/06/2005 23:11 <REP> NewTech Infosystems
23/06/2005 23:06 <REP> NVIDIA Corporation
23/06/2005 22:59 <REP> Online Services
20/02/2007 00:22 <REP> Outlook Express
06/05/2006 16:49 <REP> PhotoFiltre
23/02/2007 00:42 <REP> Picasa2
18/12/2005 21:15 <REP> PIXELA
28/08/2006 21:51 <REP> QuickTime
30/12/2005 17:02 <REP> Real
18/12/2005 21:10 <REP> REGSHAVE
29/12/2005 20:37 <REP> Sega
23/06/2005 23:00 <REP> Services en ligne
21/12/2005 20:29 <REP> Snapshot Viewer
21/12/2005 19:11 <REP> Softwin
24/02/2007 14:38 <REP> Spybot - Search & Destroy
30/12/2005 21:58 <REP> Stellarium
30/12/2005 16:59 <REP> TechCity Solutions
24/12/2005 14:25 <REP> Ubi Soft
24/12/2006 23:33 <REP> Ubisoft
02/12/2006 20:10 <REP> VideoLAN
30/12/2005 17:03 <REP> Viewpoint
23/02/2007 00:29 <REP> Winamp
26/11/2006 17:02 <REP> Windows Defender
03/10/2006 14:47 <REP> Windows Media Player
23/06/2005 22:59 <REP> Windows NT
30/07/2006 12:53 <REP> WinRAR
23/06/2005 23:01 <REP> xerox
10/05/2006 15:30 <REP> XnFoto
23/09/2006 14:04 <REP> Yahoo!
1 fichier(s) 461 octets
66 R‚p(s) 61ÿ622ÿ452ÿ224 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
space.live.com. REG_BINARY
spaces.live.com REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
---------- C:\DOCUMENTS AND SETTINGS\CONFO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\27QZ0DDD.DEFAULT\HOSTPERM.1
host popup 1 www.polskastacja.pl
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
Puis le rapport NAVIPROMO:
Rapport Navipromo.bat 0.71 effectué depuis C:\Documents and Settings\Confo\Bureau\Navipromo07H le 25/03/2007 à 20:47:39,84
L'opération se déroule en mode sans échec sous le compte "Confo"
** Recherche...
1/ pwcfyjnbl trouvé, recherche de pwcfyjnbl*
C:\WINDOWS\system32\pwcfyjnbl.dat
C:\WINDOWS\system32\pwcfyjnbl.exe
C:\WINDOWS\system32\pwcfyjnbl_nav.dat
C:\WINDOWS\system32\pwcfyjnbl_navps.dat
C:\WINDOWS\prefetch\PWCFYJNBL.EXE-26EF4A05.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
pwcfyjnbl REG_SZ c:\windows\system32\pwcfyjnbl.exe pwcfyjnbl
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
pwcfyjnbl REG_SZ c:\windows\system32\pwcfyjnbl.exe pwcfyjnbl
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de pwcfyjnbl* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\pwcfyjnbl* déplacé avec succès !
C:\WINDOWS\prefetch\pwcfyjnbl* déplacé avec succès
------------------
* Suppression clés et valeurs de registre
2 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\pack.epk
C:\Navipromo\Backups\pwcfyjnbl.dat
C:\Navipromo\Backups\pwcfyjnbl.exe
C:\Navipromo\Backups\PWCFYJNBL.EXE-26EF4A05.pf
C:\Navipromo\Backups\pwcfyjnbl_nav.dat
C:\Navipromo\Backups\pwcfyjnbl_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
-------------
Rapport Navipromo.bat 0.72 effectué depuis C:\Documents and Settings\Confo\Bureau\Navipromo07H le 25/03/2007 à 20:49:25,75
L'opération se déroule en mode sans échec sous le compte "Confo"
## Suppression Heuristique
* Backups :
C:\Navipromo\Backups\Heuristic\linkprd.exe
C:\Navipromo\Backups\Heuristic\prodsrvs.exe
Ajout d'extension .off aux backups
Backups exe renommés avec succès
## Fin du rapport Heuristique
-------------
Et enfin le nouveau rapport HIJACKTHIS:
Logfile of HijackThis v1.99.1
Scan saved at 21:14:17, on 25/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\program files\fichiers communs\aol\1136223400\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1136223400\ee\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Confo\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gosiagaelitos91.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Merci pour tous tes conseils et la procédure qui est très pédagogique.
J'espère ne plus être envahi, mais comment éviter que cela se reproduise?
Bonne soirée et merci d'avance pour ta réponse.
J'ai suivi tes recommandations. Tout d'abord, voici le rapport lop:
Rapport fait à 21:07:31,28 le 25/03/2007
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\All Users\Application Data
23/06/2005 22:55 <REP> .
23/06/2005 22:55 <REP> ..
23/06/2005 23:10 <REP> Adobe
30/12/2005 17:01 <REP> AOL
07/10/2006 20:44 <REP> AOL Downloads
18/07/2006 20:19 <REP> Apple Computer
23/06/2005 23:11 <REP> CyberLink
26/11/2005 09:42 <REP> eConsole
23/06/2005 22:55 <REP> Microsoft
08/07/2006 17:33 <REP> NtiDvdCopy
27/11/2005 14:38 <REP> nView_Profiles
27/12/2005 09:47 <REP> QuickTime
21/12/2005 20:29 <REP> SBT
02/01/2006 21:11 <REP> Spybot - Search & Destroy
23/06/2005 23:13 <REP> Symantec
30/12/2005 18:09 <REP> UDL
30/12/2005 17:03 <REP> Viewpoint
29/06/2006 06:48 <REP> Windows Genuine Advantage
24/09/2006 09:19 <REP> Yahoo! Companion
23/06/2005 22:56 62 desktop.ini
07/12/2006 14:42 0 ISx14.tmp
07/12/2006 14:49 0 ISx15.tmp
07/12/2006 14:58 0 ISx2B.tmp
09/12/2006 17:53 0 ISxA2.tmp
09/12/2006 18:09 0 ISxA3.tmp
09/12/2006 18:10 0 ISxA4.tmp
07/12/2006 17:22 0 ISxBB.tmp
8 fichier(s) 62 octets
19 R‚p(s) 61ÿ622ÿ476ÿ800 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Confo\Application Data
22/11/2005 19:40 <REP> .
22/11/2005 19:40 <REP> ..
22/11/2005 19:40 <REP> Adobe
08/12/2005 15:25 <REP> AdobeUM
30/12/2005 17:04 <REP> AOL
18/07/2006 20:47 <REP> Apple Computer
13/11/2006 18:08 <REP> ArcSoft
02/12/2005 17:47 <REP> CyberLink
02/12/2006 20:13 <REP> dvdcss
04/03/2006 15:08 <REP> EPSON
18/12/2005 21:13 <REP> FUJIFILM
30/12/2005 22:00 <REP> Google
27/12/2005 19:14 <REP> Help
22/11/2005 19:40 <REP> Identities
31/12/2005 14:23 <REP> Lavasoft
30/12/2005 17:25 <REP> Macromedia
22/11/2005 19:40 <REP> Microsoft
21/12/2005 20:18 <REP> Microsoft Web Folders
29/10/2006 22:35 <REP> Mozilla
09/02/2006 20:19 <REP> MSNInstaller
03/05/2006 14:56 <REP> Orph‚e D‚veloppement
24/02/2007 22:20 <REP> Real
21/01/2006 16:45 <REP> Sun
22/11/2005 19:40 <REP> Symantec
09/07/2006 10:33 <REP> U3
11/12/2006 00:27 <REP> vlc
30/12/2005 17:03 <REP> You've Got Pictures Screensaver
22/11/2005 19:40 62 desktop.ini
1 fichier(s) 62 octets
27 R‚p(s) 61ÿ622ÿ476ÿ800 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Confo\Local Settings\Application Data
22/11/2005 19:40 <REP> .
22/11/2005 19:40 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
02/10/2006 18:21 <REP> AOL
18/07/2006 20:47 <REP> Apple Computer
30/12/2005 22:00 <REP> Google
27/12/2005 19:14 <REP> Help
04/12/2005 11:54 <REP> Identities
22/11/2005 19:40 <REP> Microsoft
29/10/2006 22:35 <REP> Mozilla
21/02/2007 00:33 <REP> RcIncidents
16/01/2006 20:42 <REP> toaster
25/11/2005 18:49 <REP> WMTools Downloaded Files
18/12/2005 21:32 79ÿ360 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
26/11/2005 09:43 81ÿ976 GDIPFONTCACHEV1.DAT
2 fichier(s) 161ÿ336 octets
14 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Default User\Application Data
23/06/2005 22:55 <REP> .
23/06/2005 22:55 <REP> ..
22/11/2005 19:40 <REP> Adobe
22/11/2005 19:40 <REP> Identities
23/06/2005 22:55 <REP> Microsoft
22/11/2005 19:40 <REP> Symantec
23/06/2005 22:56 62 desktop.ini
1 fichier(s) 62 octets
6 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
23/06/2005 22:56 <REP> .
23/06/2005 22:56 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
23/06/2005 23:01 <REP> Microsoft
22/11/2005 19:40 2ÿ661ÿ402 IconCache.db
1 fichier(s) 2ÿ661ÿ402 octets
5 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\LocalService\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\NetworkService\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
23/06/2005 23:04 <REP> .
23/06/2005 23:04 <REP> ..
23/06/2005 23:04 <REP> Microsoft
10/01/2007 16:50 <REP> PCHealth
0 fichier(s) 0 octets
4 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
23/06/2005 23:03 <REP> .
23/06/2005 23:03 <REP> ..
22/11/2005 19:40 <REP> Adobe
22/11/2005 19:40 <REP> Identities
23/06/2005 23:03 <REP> Microsoft
22/11/2005 19:40 <REP> Symantec
23/06/2005 23:03 62 desktop.ini
1 fichier(s) 62 octets
6 R‚p(s) 61ÿ622ÿ472ÿ704 octets libres
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
23/06/2005 23:03 <REP> .
23/06/2005 23:03 <REP> ..
22/11/2005 19:40 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
22/11/2005 19:40 <REP> Adobe
23/06/2005 23:03 <REP> Microsoft
22/11/2005 19:40 2ÿ661ÿ402 IconCache.db
1 fichier(s) 2ÿ661ÿ402 octets
5 R‚p(s) 61ÿ622ÿ468ÿ608 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\MP
MP inexploitable
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est B063-8065
R‚pertoire de C:\Program Files
21/03/2007 22:00 <REP> .
21/03/2007 22:00 <REP> ..
23/06/2005 23:11 <REP> acer
23/06/2005 23:10 <REP> Adobe
23/06/2005 23:12 <REP> AMD
07/10/2006 20:45 <REP> AOL
21/02/2007 01:01 <REP> AOL 9.0
20/11/2006 16:20 <REP> AOL 9.0d
22/01/2007 18:02 <REP> AOL Compagnon
06/01/2007 14:20 <REP> AOL Toolbar
28/02/2007 23:56 <REP> CCleaner
30/12/2005 21:34 <REP> Celestia
23/06/2005 23:00 <REP> ComPlus Applications
23/06/2005 23:11 <REP> CyberLink
24/12/2005 14:40 <REP> directx
08/07/2006 14:22 <REP> DVD Decrypter
30/12/2005 18:10 <REP> epson
24/02/2007 22:24 <REP> Fichiers communs
06/03/2007 12:01 <REP> FinePixViewer
23/02/2007 00:42 <REP> Google
03/08/2006 17:55 461 INSTALL.LOG
20/02/2007 00:21 <REP> Internet Explorer
21/09/2005 16:15 <REP> Java
28/10/2006 11:09 <REP> Lavasoft
30/12/2005 17:03 <REP> Learn2.com
07/12/2006 14:31 <REP> Logitech
23/06/2005 22:59 <REP> Messenger
25/03/2007 21:01 <REP> Microsoft AntiSpyware
21/12/2005 20:28 <REP> microsoft frontpage
21/12/2005 20:29 <REP> Microsoft Office
06/05/2006 16:51 <REP> Mindscape
23/06/2005 23:00 <REP> Movie Maker
24/03/2007 15:07 <REP> Mozilla Firefox
28/11/2005 18:56 <REP> MSN
23/06/2005 22:59 <REP> MSN Gaming Zone
26/02/2007 10:14 <REP> MSN Messenger
08/12/2006 22:49 <REP> MSXML 4.0
23/06/2005 23:00 <REP> NetMeeting
23/06/2005 23:11 <REP> NewTech Infosystems
23/06/2005 23:06 <REP> NVIDIA Corporation
23/06/2005 22:59 <REP> Online Services
20/02/2007 00:22 <REP> Outlook Express
06/05/2006 16:49 <REP> PhotoFiltre
23/02/2007 00:42 <REP> Picasa2
18/12/2005 21:15 <REP> PIXELA
28/08/2006 21:51 <REP> QuickTime
30/12/2005 17:02 <REP> Real
18/12/2005 21:10 <REP> REGSHAVE
29/12/2005 20:37 <REP> Sega
23/06/2005 23:00 <REP> Services en ligne
21/12/2005 20:29 <REP> Snapshot Viewer
21/12/2005 19:11 <REP> Softwin
24/02/2007 14:38 <REP> Spybot - Search & Destroy
30/12/2005 21:58 <REP> Stellarium
30/12/2005 16:59 <REP> TechCity Solutions
24/12/2005 14:25 <REP> Ubi Soft
24/12/2006 23:33 <REP> Ubisoft
02/12/2006 20:10 <REP> VideoLAN
30/12/2005 17:03 <REP> Viewpoint
23/02/2007 00:29 <REP> Winamp
26/11/2006 17:02 <REP> Windows Defender
03/10/2006 14:47 <REP> Windows Media Player
23/06/2005 22:59 <REP> Windows NT
30/07/2006 12:53 <REP> WinRAR
23/06/2005 23:01 <REP> xerox
10/05/2006 15:30 <REP> XnFoto
23/09/2006 14:04 <REP> Yahoo!
1 fichier(s) 461 octets
66 R‚p(s) 61ÿ622ÿ452ÿ224 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
space.live.com. REG_BINARY
spaces.live.com REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
---------- C:\DOCUMENTS AND SETTINGS\CONFO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\27QZ0DDD.DEFAULT\HOSTPERM.1
host popup 1 www.polskastacja.pl
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
Puis le rapport NAVIPROMO:
Rapport Navipromo.bat 0.71 effectué depuis C:\Documents and Settings\Confo\Bureau\Navipromo07H le 25/03/2007 à 20:47:39,84
L'opération se déroule en mode sans échec sous le compte "Confo"
** Recherche...
1/ pwcfyjnbl trouvé, recherche de pwcfyjnbl*
C:\WINDOWS\system32\pwcfyjnbl.dat
C:\WINDOWS\system32\pwcfyjnbl.exe
C:\WINDOWS\system32\pwcfyjnbl_nav.dat
C:\WINDOWS\system32\pwcfyjnbl_navps.dat
C:\WINDOWS\prefetch\PWCFYJNBL.EXE-26EF4A05.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
pwcfyjnbl REG_SZ c:\windows\system32\pwcfyjnbl.exe pwcfyjnbl
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
pwcfyjnbl REG_SZ c:\windows\system32\pwcfyjnbl.exe pwcfyjnbl
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de pwcfyjnbl* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\pwcfyjnbl* déplacé avec succès !
C:\WINDOWS\prefetch\pwcfyjnbl* déplacé avec succès
------------------
* Suppression clés et valeurs de registre
2 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\pack.epk
C:\Navipromo\Backups\pwcfyjnbl.dat
C:\Navipromo\Backups\pwcfyjnbl.exe
C:\Navipromo\Backups\PWCFYJNBL.EXE-26EF4A05.pf
C:\Navipromo\Backups\pwcfyjnbl_nav.dat
C:\Navipromo\Backups\pwcfyjnbl_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
-------------
Rapport Navipromo.bat 0.72 effectué depuis C:\Documents and Settings\Confo\Bureau\Navipromo07H le 25/03/2007 à 20:49:25,75
L'opération se déroule en mode sans échec sous le compte "Confo"
## Suppression Heuristique
* Backups :
C:\Navipromo\Backups\Heuristic\linkprd.exe
C:\Navipromo\Backups\Heuristic\prodsrvs.exe
Ajout d'extension .off aux backups
Backups exe renommés avec succès
## Fin du rapport Heuristique
-------------
Et enfin le nouveau rapport HIJACKTHIS:
Logfile of HijackThis v1.99.1
Scan saved at 21:14:17, on 25/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe
C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\program files\fichiers communs\aol\1136223400\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1136223400\ee\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Confo\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gosiagaelitos91.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Merci pour tous tes conseils et la procédure qui est très pédagogique.
J'espère ne plus être envahi, mais comment éviter que cela se reproduise?
Bonne soirée et merci d'avance pour ta réponse.
as tu encore des soucis?
supprime absolument tout ce qu'on a utilisé, cela ne te servira plus à rien, navipromo et ses rapports, bfu, lopxpmh etc...
passe un coup de ccleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
hijack est mal installé
supprime le et installe celui ci, il se met directement au bon endroit, car tu ne pourrais pas avoir de sauvegarde autrement
télécharge et installe le logiciel HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
lance le pour un scan seulement
coche les lignes suivantes en gras si tu les trouves
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gosiagaelitos91.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
ferme toutes tes fenêtres même internet et clique sur fixer l'objet
fais un scan en ligne sur l'un des sites suivants et poste le rapport
http://pandasoftware.fr
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
http://www.bitdefender.fr/scan8/ie.html
http://www.secuser.com/outils/antivirus.htm
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=fr&venid=sym
supprime absolument tout ce qu'on a utilisé, cela ne te servira plus à rien, navipromo et ses rapports, bfu, lopxpmh etc...
passe un coup de ccleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
hijack est mal installé
supprime le et installe celui ci, il se met directement au bon endroit, car tu ne pourrais pas avoir de sauvegarde autrement
télécharge et installe le logiciel HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
lance le pour un scan seulement
coche les lignes suivantes en gras si tu les trouves
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gosiagaelitos91.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
ferme toutes tes fenêtres même internet et clique sur fixer l'objet
fais un scan en ligne sur l'un des sites suivants et poste le rapport
http://pandasoftware.fr
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
http://www.bitdefender.fr/scan8/ie.html
http://www.secuser.com/outils/antivirus.htm
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=fr&venid=sym
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut à tous,
depuis quelques temps j'ai les mêmes soucis.
Fenêtres s'ouvrant toutes seules de spyware secure, jeux en ligne de casino, voyance en direct, winantivir et d'autres.
Je commence à craquer.
Est ce que quelqu'un pourrait m'aider???
Help!!!!!!
depuis quelques temps j'ai les mêmes soucis.
Fenêtres s'ouvrant toutes seules de spyware secure, jeux en ligne de casino, voyance en direct, winantivir et d'autres.
Je commence à craquer.
Est ce que quelqu'un pourrait m'aider???
Help!!!!!!
cookie42, crée ton propre topic, car sinon on risque de s'emmêler les pinceaux!!!
on va venir t'aider
on va venir t'aider
Bonsoir Papyber,
J'ai scanné avec hidjackthis et coché les indiquées. Pour l'instant, je n'ai plus de fenètres intempestives. Par contre, je n'ai pas encore scanné avec les anti-virus en ligne. J'ai déjà bitdefender, ce n'est pas perturbant pour l'ordi de télécharger plusieurs antivirus ?
Encore merci pour ton aide précieuse.
J'ai scanné avec hidjackthis et coché les indiquées. Pour l'instant, je n'ai plus de fenètres intempestives. Par contre, je n'ai pas encore scanné avec les anti-virus en ligne. J'ai déjà bitdefender, ce n'est pas perturbant pour l'ordi de télécharger plusieurs antivirus ?
Encore merci pour ton aide précieuse.
Voici les rapports black light (il y en a 2):
03/25/07 12:09:20 [Info]: BlackLight Engine 1.0.55 initialized
03/25/07 12:09:20 [Info]: OS: 5.1 build 2600 (Service Pack 2)
03/25/07 12:09:20 [Note]: 7019 4
03/25/07 12:09:20 [Note]: 7005 0
03/25/07 12:09:23 [Note]: 7006 0
03/25/07 12:09:23 [Note]: 7011 1764
03/25/07 12:09:24 [Note]: 7026 0
03/25/07 12:09:24 [Note]: 7026 0
03/25/07 12:09:24 [Note]: 7024 3
03/25/07 12:09:24 [Info]: Hidden process: C:\windows\system32\pwcfyjnbl.exe
03/25/07 12:09:28 [Note]: FSRAW library version 1.7.1021
03/25/07 12:13:02 [Info]: Hidden file: c:\WINDOWS\system32\pwcfyjnbl.dat
03/25/07 12:13:02 [Note]: 10002 1
03/25/07 12:13:02 [Info]: Hidden file: C:\windows\system32\pwcfyjnbl.exe
03/25/07 12:13:02 [Note]: 10002 1
03/25/07 12:13:02 [Info]: Hidden file: c:\WINDOWS\system32\pwcfyjnbl_nav.dat
03/25/07 12:13:02 [Note]: 10002 1
03/25/07 12:13:02 [Info]: Hidden file: c:\WINDOWS\system32\pwcfyjnbl_navps.dat
03/25/07 12:13:02 [Note]: 10002 1
03/25/07 12:14:19 [Note]: 7007 0
03/25/07 12:15:38 [Info]: BlackLight Engine 1.0.55 initialized
03/25/07 12:15:38 [Info]: OS: 5.1 build 2600 (Service Pack 2)
03/25/07 12:15:38 [Note]: 7019 4
03/25/07 12:15:38 [Note]: 7005 0
03/25/07 12:15:41 [Note]: 7006 0
03/25/07 12:15:41 [Note]: 7011 1764
03/25/07 12:15:41 [Note]: 7026 0
03/25/07 12:15:42 [Note]: 7026 0
03/25/07 12:15:42 [Note]: 7024 3
03/25/07 12:15:42 [Info]: Hidden process: C:\windows\system32\pwcfyjnbl.exe
03/25/07 12:15:44 [Note]: FSRAW library version 1.7.1021
03/25/07 12:16:50 [Note]: 7007 0
et le rapport hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 12:21:01, on 25/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\SCMain.exe
C:\WINDOWS\WCMain.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\fichiers communs\aol\1136223400\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1136223400\ee\aolsoftware.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Confo\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1136223400\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINDOWS\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINDOWS\WCMain.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1071_em_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gosiagaelitos91.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1067_em_XP.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{006F4199-8131-4BF5-B64C-B396937EC1E9}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4EB12D22-7B2D-4F15-B5C1-7FCEB5416838} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Merci pour le coup de main,