[trojandownloader.xs] Besoin d'aide svp... Résolu/Fermé

Question

Bonjour bonjour, j'aimerais savoir si quelqu'un pourrait m'aider pour un virus qui apperement se nomme "trojandownloader.xs" (a vrai dire, je ne sais pas si c'est le vrai nom ou juste une arnaque d'un certain site pour m'insiter a acheter un de leur anti-spywares)

Sinon, voici ce qui se passe avec mon pc :

un message remplaçe mon fond d'écran, il y est indiqué notamment 

"Warning ! Spyware threat has been detected on your PC.
Your computer has several fatal errors due to spyware activity."

Et aussi des messages differents apparaissent en bas a droite, dans la barre d'outil a me dire que mon pc est infécté etc... Et quand je clique dessus, cela me ramene a une page où je peux acheter des anti-spyware.

Sinon, mon internet est un tout petit plus lente que d'avant et quand je surf sur internet, pas mal de fois, on m'ouvre la meme page que celle cité plus haut...

______________

Voila, je crois que j'ai a peu pres tout dit... Je vous poste notamment déja un rapport hijackthis qui est le suivant :

______________

Logfile of HijackThis v1.99.1
Scan saved at 19:50:03, on 13/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32
usrmgr.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgPSWX.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ivan\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070314
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {0723CAE4-C2AB-4995-B749-6BC9BE984564} - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\system32\oembios32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] //~c:\windows\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Moniteur de ressources Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4685CB0-B048-4393-B885-221B5451BD94}: NameServer = 85.255.115.237,85.255.112.78
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4A886DA-B782-4227-B939-F1EE487BDA07}: NameServer = 85.255.115.237,85.255.112.78
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: bw+0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe

________________
Voila, j'espere que quelqu'un m'aidera :) Merci d'avance !

jalobservateur · Accepted Answer

Salut!
Je ne sais pas pourquoi l,aide se fait désert ici ?
Regardes bien !
Moi je suis vraiment fatigué ce matin !
18 heures d'aide hier et cette nuit alors, ...
mais je vais en faire un petit bout pour t,aider.
On va faire ceci:
Copies ce que j'écris dans ton bloc.
vas en mode sans echec.

Puis, supprimes cette merde dans son emplacement C:/   C:\WINDOWS\system32
usrmgr.exe
Tu dois désactiver la resto systeme pour l'instant.
Et tu affiches les fichiers cachés.
Alors en suite Scan seulement avec Highjackthis. Scan only : Puis fixes ces lignes: Coches et fixes.
---------------------------------------------------------------------------------------------


 O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
 O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
 O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
 O2 - BHO: (no name) - {0723CAE4-C2AB-4995-B749-6BC9BE984564} - (no file)
 O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
 O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
 O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
 O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
 O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
 O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
 O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\system32\oembios32.dll
 O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
 O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
 O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
 O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
 O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
 O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
 O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
 O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
 O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
 O17 - HKLM\System\CCS\Services\Tcpip\..\{E4685CB0-B048-4393-B885-221B5451BD94}: NameServer =  85.255.115.237,85.255.112.78
 O17 - HKLM\System\CCS\Services\Tcpip\..\{F4A886DA-B782-4227-B939-F1EE487BDA07}: NameServer = 85.255.115.237,85.255.112.78
-------------------------------------------------------------------------------------------------------------------------------------------

Ensuite, nettoies tout avec Ccleaner en 7 passages nsa et corriges toutes les erreurs de registres avec ccleaner.
Reste en sans E. et scan avec ton av et tes anti-spywares.
Et pour la suite, le démarrage des merde devrait se calmer, mais tu as pas encore fini !!!
Remets ici ton log + propre ensuite stp'

Lyonnais92 · Answer

bonjour,

Imprime ces instructions car il va y avoir un redémarrage de l'ordinateur. 

* Télécharge FixWareout de ce site sur le bureau: 
http://downloads.subratam.org/Fixwareout.exe 
hxxp://swandog46.geekstogo.com/Fixwareout.exe 

* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish. 
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal. 

*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt) avec un nouveau rapport HijackThis! dans ta prochaine réponse. 

@+

jalobservateur · Answer

Salut ! ouffff!!!!
Pauvre machine!
La lourdeur de ton log est désespérante !
T'as une bonne machine, car tu réussis à venir ici!
Tu vas aller en sans echec  et juste faire un prermier geste :
Avec highjackthis ,scan seulement  et coches puis fixes cette ligne : O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
Tu en as une tonne comme celà ,mais je veux simplement voir si les fausses et dans le fond, vraies alertes vont diminuer  ?
Installes et nettoies avec Ccleaner  https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html 
puis corriges toutes les erreurs. N'installes surtout pas la barre Yahoo!!! Y a assez de d'inutilités comme ça dans ta machine !
Et reviens ici remets ton log puis si ce n'est moi ,ce sera un autre qui continuera de t'aider.
@+ jal
SUPER LYONNAIS VA T' AIDER "

ivanho92 · Answer

Ok, merci pour ton aide :)

Voici les deux rapports, d'abord celui de FixWareout.
______________

Username "Ivan" - 13/09/2007 20:11:18 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{E4685CB0-B048-4393-B885-221B5451BD94} 
"nameserver"="85.255.115.237,85.255.112.78" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{F4A886DA-B782-4227-B939-F1EE487BDA07} 
"nameserver"="85.255.115.237,85.255.112.78" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{B255C6FB-2373-4838-8ABF-84D8656C7386}
"DhcpNameServer"="85.255.115.237,85.255.112.78" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{E4685CB0-B048-4393-B885-221B5451BD94}
"DhcpNameServer"="85.255.115.237,85.255.112.78" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{F4A886DA-B782-4227-B939-F1EE487BDA07}
"DhcpNameServer"="85.255.115.237,85.255.112.78" <Value cleared.

Cache de résolution DNS vidé.


System was rebooted successfully. 
 
~~~~~ Postrun check 
HKLM\SOFTWARE\~\Winlogon\ "System"="" 
....
....
~~~~~ Misc files. 
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="//~c:\windows\ehome\ehtray.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"CTHelper"="CTHELPER.EXE"
"CTxfiHlp"="CTXFIHLP.EXE"
"SunJavaUpdateSched"="\"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe\""
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
"CTDVDDET"="\"C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE\""
"VolPanel"="\"C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe\" /r"
"AudioDrvEmulator"="\"C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe\" -1 AudioDrvEmulator \"C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll\""
"UpdReg"="C:\WINDOWS\UpdReg.EXE"
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE"
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup"
"ISUSScheduler"="\"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe\" -start"
"MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe"
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"MediaLifeService"="\"C:\Program Files\Logitech\MediaLife\MediaLifeService.exe\""
"HerculesCamService"="C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe"
"LXCGCATS"="rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16"
"lxcgmon.exe"="\"C:\Program Files\Lexmark 2300 Series\lxcgmon.exe\""
"EzPrint"="\"C:\Program Files\Lexmark 2300 Series\ezprint.exe\""
"FaxCenterServer"="\"C:\Program Files\Lexmark Fax Solutions\fm3032.exe\" /s"
"Adobe Version Cue CS2"="C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
"SigmatelSysTrayApp"="stsystra.exe"
"QuickTime Task"="\"C:\Program Files\QuickTime\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\Program Files\iTunes\iTunesHelper.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MsnMsgr"="\"C:\Program Files\MSN Messenger\MsnMsgr.Exe\" /background"
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"
"MSMSGS"="\"C:\Program Files\Messenger\msmsgs.exe\" /background"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
_________________

Et encore un de Hijackthis ! :)

_________________
Logfile of HijackThis v1.99.1
Scan saved at 20:14:30, on 13/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32
usrmgr.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Documents and Settings\Ivan\Bureau\HijackThis.exe
C:\Program Files\iPod\bin\iPodService.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070314
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {0723CAE4-C2AB-4995-B749-6BC9BE984564} - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\system32\oembios32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] //~c:\windows\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Moniteur de ressources Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: bw+0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
______________________

Voila voila, merci encore pour ton aide ;)

ivanho92 · Answer

Désolé pour ce double post, mais j'aimerais savoir où tu es passé lyonnais ?

Je suis encore dsl pour ce double post mais si tu ne peux pas résoudre le problème, signale le stp... :)

Merci encore de votre compréhension.

ivanho92 · Answer

Svp, aidez moi ! Je vous en prie...

si il y aurait moyen, je préférerais régler le probème sur msn, voici mon adresse : ivan92j@hotmail.com


Je vous en prie, j'ai besoin de votre aide ! Ce virus commence a m'énnerver :(

jalobservateur · Answer

Ps: il y a des programmes spécifiques pour déloger ces indésirables. 
Ils sont pas parfaits, mais ils en font un bon bout.
Tu devras en utiliser.
Mais avant pour être moins chiant, il faut donner du mou un peu à ta machine, d'ou mes directives précédentes.
Alors, tu dois suivre ATTENTIVEMENT et me répondre à chaques fois stp.

philae83 · Answer

bonsoir,

puisque tout le monde déserte ce topic :)

* Télécharge SmitfraudFix de S!Ri, balltrap34 et moe31

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

* Installe le à la racine de C
 
* double clic sur l'exe pour le décompresser et lancer le fix.
Utilisation ----- option 1 - Recherche :
* Double clique sur smitfraudfix.cmd 
* Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
* Poste le rapport ici
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

ivanho92 · Answer

Bonjour  jalobservateur !

Déja d'une chose, je voulais te remercier pour ton aide, ce que tu fais es vraiment très gentil...

Maintenant, passons aux mauvaises chose, j'ai suis éxactement a la lettre tout ce que tu m'as dit mais malheuresement, mon fond d'écran noir horrible est toujours là :s

Avant cela, juste par curiosité, crois tu que le fond d'écran disparaitra tout seul ou que je doit en mettre un nouveau ? (mais dans le 2eme cas, j'espere que le fond d'écran noir arretra de "réaparaitre"...)

Sinon, je n'ai pas compris quand tu me dis poste un nouveau log "+ propre".. je ne vois vraiment pas ce que sait, alors je te mets seulement le log Highjackthis. Le voici :

Avant le log, je voulais te remercier encore une fois pour tes aides ! :)

Logfile of HijackThis v1.99.1
Scan saved at 19:19:44, on 16/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Ivan\Bureau\Combat virus\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070314
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] //~c:\windows\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Moniteur de ressources Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: bw+0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe

___________

philae83 · Answer

bonsoir,

regarde ce que je t'ai mis au post 8, et fait le

jalobservateur · Answer

De rien mon ami!
j,ai regardé vite et oui je crois que toutes les lignes vilaines qui démarraient sur ta machine sont au moins enfermées!
Philea va prendre la relève avec toi.
Comme l,indication sur le poste #8.
@+ bon courage! Jal

ivanho92 · Answer

Oki ! Donc, déja bonjour Philae et merci a ton tour de m'aidé :) Alors, voici le rapport réclamé...

Je suis désolé si je met du temps a répondre, mais j'ai été relativement occupé ce soir donc voila quoi :p Merci de votre compréhension  ;)


SmitFraudFix v2.221

Rapport fait à 22:09:16,98, dim. 16/09/2007
Executé à partir de C:\Documents and Settings\Ivan\Bureau\Combat virus\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\msole32.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ivan


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ivan\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Ivan\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Adaptateur USB 2.0 sans fil à double bande (802.11a/b/g) Dell 1450 #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222 

Description: Adaptateur USB 2.0 sans fil à double bande (802.11a/b/g) Dell 1450 #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222 

Description: Adaptateur USB 2.0 sans fil à double bande (802.11a/b/g) Dell 1450 #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: DhcpNameServer=88.147.88.130 217.64.240.29
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=88.147.88.130 217.64.240.29


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

philae83 · Answer

ok, on continue

Maintenant :

Utilisation ----- option 2 -Nettoyage :

* Redémarre l'ordinateur en mode sans échec
(tapoter F8 au boot pour obtenir le menu de démarrage ou http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20020905112131924


* Double clique sur smitfraudfix.cmd


* Sélectionne 2 pour supprimer les fichiers responsables de l'infection.


A la question Voulez-vous nettoyer le registre ? répondre O (oui) afin de débloquer le fond d'écran et supprimer les clés de démarrage automatique de l'infection.

Le fix déterminera si le fichier wininet.dll est infecté.

A la question Corriger le fichier infecté ? répondre O (oui) pour remplacer le fichier corrompu.

* Redémarre en mode normal et poste le rapport ici

N.B.: Cette étape élimine les fichiers infectieux détectés à l'étape #1
Attention que l'option 2 de l'outil supprime le fond d'écran !

tu reposteras un nouveau rapport hijackthis à l'issu

ivanho92 · Answer

Ok, encore un merci si petit pour ce que vous faites pour moi, c'est très gentil :)

Effectivement, je n'ai plus le fond d'écran noir (du moins, pour l'instant)

Voici le rapport des suppressions de fichiers :

(ps : je vais aller me coucher car demain j'ai école. Donc demain, on reprend ça ^^ un grand merci a vous encore ! :D)

SmitFraudFix v2.221

Rapport fait à 22:27:59,31, dim. 16/09/2007
Executé à partir de C:\Documents and Settings\Ivan\Bureau\Combat virus\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1  localhost 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: DhcpNameServer=88.147.88.130 217.64.240.29
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: DhcpNameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=208.67.220.220,208.67.222.222 
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=88.147.88.130 217.64.240.29


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

philae83 · Answer

reposte un nouveau rapport hijackthis stp

ivanho92 · Answer

Voila ! (et oui, toujours debout :p)

Logfile of HijackThis v1.99.1
Scan saved at 22:42:16, on 16/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Ivan\Bureau\Combat virus\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=6070314
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] //~c:\windows\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Moniteur de ressources Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10C0B1A2-07E7-4C78-A8CD-238AE3AEC41B}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{155184E9-0A89-4D7D-9F16-1BB10E98ACAC}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{24FBCE3D-6E73-4F89-A857-46FF9CD3F6CA}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F7A57E-2E15-40E9-B309-AEB455E496B6}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C663D55-1EEF-48AB-9D0E-B39DC6429D34}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{76437D47-5BF4-4F14-9C2B-B12D4FD6429C}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{8282D037-3F31-4EB9-8353-BFFA708994DD}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{942976A6-BADB-475E-BFCD-1935FFC6F80D}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 
O18 - Protocol: bw+0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe

philae83 · Answer

re

* lance hijackthis puis coche ces lignes :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) 
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE 
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" 
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe 
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL 
O18 - Protocol: bw+0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 
O18 - Protocol: offline-8876480 - {0BF0E643-0C9E-4007-929D-18F94FCC00BC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 

* toutes applications fermées et hors connexion, clique sur "fix checked"

fait également 

un scan antivirus en ligne ICI
https://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

jalobservateur · Answer

Allo philae83 !
Et ivanho92 !
Ouais la macine va peser moins bientôt.
 Des hantises , pas possible...
Vive process explorer!
Tous devraient avoir.

ivanho92 · Answer

Rebonjour a vous deux ! :)

Voici le rapport du san fait en ligne qui m'a pris comme même une bonne heure pour le faire :p

J'aimerais déja d'or vous remercier pour tous ce que vous faites pour moi, c'est vraiment sympa :)

Voici le rapport de Bitdefender :



BitDefender Online Scanner
  
  
 
Rapport d'analyse généré à: Mon, Sep 17, 2007 - 07:17:16
 
 
  
  
 
Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;K:\;
  
  
 
 
  
  
 
Statistiques
 
Temps
 00:59:52
 
Fichiers
 360956
 
Directoires
 12062
 
Secteurs de boot
 4
 
Archives
 4583
 
Paquets programmes
 19937
 
  
  
 
Résultats
 
Virus identifiés
 1
 
Fichiers infectés
 1
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 1
 
  
  
 
Info sur les moteurs
 
Définition virus
 804170
 
Version des moteurs
 AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
 
Analyse des plugins
 14
 
Archive des plugins
 38
 
Unpack des plugins
 7
 
E-mail plugins
 6
 
Système plugins
 1
 
  
  
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
  
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
  
  
 
  Fichier analysé
  Statut
 
C:\Program Files\AntispyStorm\clsReg.dll
 Infecté par: Trojan.Crypt.Fkm.G
 
C:\Program Files\AntispyStorm\clsReg.dll
 Echec de la désinfection
 
C:\Program Files\AntispyStorm\clsReg.dll
 Supprimé

philae83 · Answer

bonjour,

ok, parfait, as tu encore des soucis ?

ivanho92 · Answer

Pour l'instant non, tout a l'air parfait :)

Mais je t'explqiue un truc... avant, quand je nettoyais avec spybot le virus, il l'effacait mais quelques minutes apres, il réaparaissait. Des fois, le virus disparaissait 3 jours, mais au bout de de 3 jours, il revenait. Alors, je me pose cette question : Comment je peux etre sûr que mon virus ne revienne pas ?

Et sinon, que me conseille tu comme anti virus, anti spyware et pare feu ? Si tu me propose des anti virus etc, dois je effacer mon anti virus, anti spyware et pare feu actuel ?

(ps : a) quelle est la difference entre un anti virus et un anti spyware ?
        b) Comment puis je savoir quel est mon pare feu actuel ?)

Sinon, je ne vous remercierai jamais asser de m'avoir aidé ! Heuresement qu'il y a des génies comme vous du pc, si il y en aurai pas... Ce serait le chaos ! :p

Aller, j'attend ces dernieres réponses et on se dit bye :)

Merci, Ivanho92

jalobservateur · Answer

Bonjour  ivanho92

Philae83 te donnera son verdict pour ta machine .
Et si elle détermine le propre de celle-ci, alors voici pour toi:
@+ jal


Voici des indications et liens essentiels pour une bonne protection.
Et pour avoir du plaisir avec votre machine.

1: Pour toutes navigations : Firefox Mieux filté que IE
Lien: http://www.firefox-download-fr.com/fr.html

2: Antivirus gratuit et efficace, Antivir.
Lien: antivir

3: Pare-feu intelligent,Zone Alarm.
Lien: zonealarm

4: Un nettoyeur efficace et sécuritaire.Ccleaner.
Lien: https://filehippo.com/download_ccleaner/

5: Un excellent antispyware.
Lien: https://www.superantispyware.com/?tag=GOOGLE-SUPERANTISPYWARE

6: Incontournable Spybot Search & Destroy /Mode avancé/Resident/Tea Timer.V 1.5.1
Lien: https://www.safer-networking.org/download/

7: Un Updateur de programmes. Secunia. Inspecte et avise des MAJ essentielles.
Lien: https://www.flexera.com/products/operations/software-vulnerability-management.html

8: MAJ automatique de l'Oncle Bill. Windows et Microsoft MAJ.

9: S'abonner à Secuser pour toutes les alertes virales et MAJ critiques.(Gratuit).
Lien: http://www.secuser.com/newsletters/index.htm Excellent !

10:NE JAMAIS CLIQUER SUR UN AVERTISSEMENT QUELQUONQUE SI IL NE VIENT PAS DE VOS LÉGITIMES SYSTÊMES DE PROTECTIONS.

11: N'utiliser Internet Explorer 7 que pour les services essentiels:
Les MAJ de Bill.

Les scans en lignes(1 fois par mois).De préférence un AV qui enlève aussi les virus et ne fait pas seulement vous en prévenir.

Msn,Car appatient à Bill comme Internet explorer . ((((POINT)))).

12: Installez un défragmenteur efficace = (1 défrag/mois).
Lien: jkdefrag.
Il est laid mais il est bon!

13:Devenez familiers avec les termes et abréviations informatique.
Lien: https://www.clubic.com/telecharger-fiche15017-jargon-informatique.html

14: Gardez votre machine bien propre et silencieuse.
Lien: https://www.zdnet.fr/telecharger/logiciel/advanced-systemcare-39764295s.htm

15: Ne tentez pas le Diable.

Eviter le P2p.

Scannez toujours les fichiers Zip.

Vous téléchargez un programme, alors scan clique droite sur le bureau,l'exécutable et ensuite vous installez sur la patition prévue à cet effet.

16: Pour garder un contrôle sur votre machine et voir ses trippes .
Copiez dans votre bloc note la radiographie de votre machine à l"état clean.
Puis, comparez (1 fois/Sem) avec un nouvel examen.
Lien:hijackthis

17: Faites de temps à autre un survol de votre gestionnaire. Control/Alt/Del.
Et observez ce qui fonctionne en arrière plan et la consommation des divers processus.
Apprenez à les reconnaitre.

18: Quand vous serez connaissant de votre machine, vous pourrez installer ce super petit logiciel de l'Oncle Bill.
Avec lui, vous verrez les processus actifs en temps réel sur votre machine.
Vous aurez les noms, les signatures des compagnies fabricantes et la consmmation de chacun.
Mais le plus beau, vous aurez la possibilité de mettre un processus en pause. ou de le terminer à votre guise.
Et encore plus que vous découvrirez. Surprises!!!
Lien: https://www.clubic.com/telecharger-fiche14566-process-explorer.html

Voici selon moi, ce que j,appelerais,'Un tout cuit dansl'bec'

Et amusez-vous surtout ! jalobservateur

ivanho92 · Answer

Merci pour toute ces informations les gars ! Vous être vraiment chouette :)

Sur ce, je vous dis aurevoir et clos le sujet. Si jamais j'ai rebesoin d'aide, je sais où aller :)

Merci et bonne continuation a vous !

jalobservateur · Answer

Bienvenu!
Et ce que tu as acquis, pour sécuriser redonnes-le !

macintosh_os · Answer

ne vous casser plus la tête avec se trojan la solution et simple et facile vue qu'il désactive la mise a jour automatique vous telecharger la dernier mise a jour service pack 3 sur https://www.clubic.com/telecharger-fiche242026-windows-xp-service-pack-3.html
et puis scaner votre ordinateur avec votre antivirus et avec Ad-Aware et voila c fini et vous le rechopé plus.