virus ismm.exe Résolu

Question

Bonjour,

Mon ordinateur est infecté par ismm.exe.

J'ai suivi les conseils de ce forum, mais tout n'est pas résolu, ci-joint bloc notes de fixnavi

Merci de votre aide 

Search Navipromo version 3.3.8 commencé le 25/12/2007 à 10:34:47,46

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files
avilog1
Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 
Système de fichiers : FAT32

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***

C:\Program Files\InternetGameBox trouvé !


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\HERVE\application data" *** 


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\HERVE\local settings\application data" * 



*** Recherche fichiers *** 


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32
vs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

pgulmdi.dat trouvé !
pgulmdi_nav.dat trouvé !
pgulmdi_navup.dat trouvé !

* Dans "C:\Documents and Settings\HERVE\local settings\application data" : 


3)Recherche Certificats :

Certificat Egroup trouvé !

4)Recherche fichiers connus :



*** Analyse terminée le 25/12/2007 à 10:36:48,32 ***

jfkpresident · Answer

salut,
passe a létape 2 de navilog puis colle le rapport.
poste un hijackthis avec:
1) Clique ICI pour télécharger le fichier d'installation d'HijackThis :http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html

Enregistre HJTInstall.exe sur ton bureau  

Double-clique sur HJTInstall.exe pour lancer le programme

Par défaut, il s'installera là || C:\Program Files\Trend Micro\HijackThis

Accepte la license en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

leon560 · Answer

Clean Navipromo version 3.3.8 commencé le 25/12/2007 à 15:34:03,73

Outil exécuté depuis C:\Program Files
avilog1
Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : FAT32

Mode suppression automatique 


 
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *


* Suppression dans "C:\Documents and Settings\HERVE\local settings\application data" * 



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***

C:\Program Files\InternetGameBox ...suppression... 
C:\Program Files\InternetGameBox supprimé ! 


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


*** Suppression dossiers dans "C:\Documents and Settings\HERVE\application data" *** 


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32
vs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HERVE\local settings\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans C:\WINDOWS\system32 *

pgulmdi.dat trouvé !
Copie pgulmdi.dat réalisée avec succès !
pgulmdi.dat supprimé !

pgulmdi_nav.dat trouvé !
Copie pgulmdi_nav.dat réalisée avec succès !
pgulmdi_nav.dat supprimé !

pgulmdi_navup.dat trouvé !
Copie pgulmdi_navup.dat réalisée avec succès !
pgulmdi_navup.dat supprimé !

pgulmdi_navps.dat trouvé !
Copie pgulmdi_navps.dat réalisée avec succès !
pgulmdi_navps.dat supprimé !


* Dans "C:\Documents and Settings\HERVE\local settings\application data" * 


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !

*** Nettoyage terminé le 25/12/2007 à 15:41:32,73 ***

leon560 · Answer

dernière nouvelle

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:06:42, on 25/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
D:\a-squared Anti-Malware\a2guard.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
F:\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
D:\PROGRA~1\MICROS~2apimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\HERVE\LOCALS~1\Temp\Rar$EX01.719\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: IE Custom Tools - {F2BADA0D-FD61-45EF-A994-64A073FD6613} - C:\Program Files\Video Add-on\ictmdl.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3-Premier] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue Premier\ECB-SGP.exe"  /dontopenmycards
O4 - HKLM\..\Run: [a-squared] "D:\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fphotos.msn.fr%2fresources%2fneutral%2fcontrols%2fDigWebX2.cab%3f
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://72.32.179.44/filter/cameraviewer/isetup.cab
O16 - DPF: {AEF76437-F960-4EBC-97EA-7BBB4230CF38} (OcarptMain Class) - https://oca.microsoft.com/en/secure/ocarpt.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: cariniana - {5c770fbc-cc2f-4acd-93e8-e6f0594307fd} - C:\WINDOWS\system32\gnjsjc.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

jfkpresident · Answer

une question combien tu as de pare-feu activé??

leon560 · Answer

J'ai juste l'antivirus orange + a-squared

jfkpresident · Answer

est ce que tu as le pare-feu windows activé ainsi qu'un autre?si c'est le cas désactive celui de windows.

leon560 · Answer

ok, cest fait

jfkpresident · Answer

re,
maintenant refais un hijack STP.

leon560 · Answer

Voici le résultat

Merc i

09:09 26/12/2007Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:08:18, on 26/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
F:\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\MICROS~2apimgr.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: IE Custom Tools - {F2BADA0D-FD61-45EF-A994-64A073FD6613} - C:\Program Files\Video Add-on\ictmdl.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3-Premier] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue Premier\ECB-SGP.exe"  /dontopenmycards
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-21-776561741-2000478354-1801674531-1005\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'MICHELE')
O4 - HKUS\S-1-5-21-776561741-2000478354-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'MICHELE')
O4 - HKUS\S-1-5-21-776561741-2000478354-1801674531-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'MICHELE')
O4 - HKUS\S-1-5-21-776561741-2000478354-1801674531-1005\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (User 'MICHELE')
O4 - S-1-5-21-776561741-2000478354-1801674531-1005 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'MICHELE')
O4 - S-1-5-21-776561741-2000478354-1801674531-1005 User Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'MICHELE')
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fphotos.msn.fr%2fresources%2fneutral%2fcontrols%2fDigWebX2.cab%3f
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://72.32.179.44/filter/cameraviewer/isetup.cab
O16 - DPF: {AEF76437-F960-4EBC-97EA-7BBB4230CF38} (OcarptMain Class) - https://oca.microsoft.com/en/secure/ocarpt.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: cariniana - {5c770fbc-cc2f-4acd-93e8-e6f0594307fd} - C:\WINDOWS\system32\gnjsjc.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

jfkpresident · Answer

re,
tu vas faire un scan en ligne bitdefender:
E - Scan online avec BitDefender 

Fais ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; 

la barre anti-popup du SP2 (en haut) va se mettre à clignoter, 
clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus. 
Une fois qu'il a terminé colle le rapport ici stp 
https://www.bitdefender.com/toolbox/ 
Copie/Colle le rapport 
http://www.malekal.com/tutorial_BitDefender_AntiSpyware.php 
https://kerio.probb.fr/ 
http://pageperso.aol.fr/rginformatique/mapage/defender.htm

leon560 · Answer

ok, c'est parti
Je reviens vers toi dès que c'est fait. Dès à présent, merci pour tout

leon560 · Answer

Voici le rapport

BitDefender Online Scanner
  
  
 
Rapport d'analyse généré à: Wed, Dec 26, 2007 - 21:47:51
 
 
  
  
 
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
  
  
 
 
  
  
 
Statistiques
 
Temps
 01:36:59
 
Fichiers
 337278
 
Directoires
 7189
 
Secteurs de boot
 4
 
Archives
 7682
 
Paquets programmes
 21940
 
  
  
 
Résultats
 
Virus identifiés
 0
 
Fichiers infectés
 0
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 0
 
  
  
 
Info sur les moteurs
 
Définition virus
 884349
 
Version des moteurs
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Analyse des plugins
 14
 
Archive des plugins
 38
 
Unpack des plugins
 7
 
E-mail plugins
 6
 
Système plugins
 1
 
  
  
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
  
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
  
  
 
  Fichier analysé
  Statut
 
Aucun virus trouvé.

jfkpresident · Answer

télécharge smitfraudfix:http://www.commentcamarche.net/telecharger/telechargement 230 smitfraudfix 
TUTO:https://www.zebulon.fr/dossiers/tutoriaux/66-smitfraudfix.html 
colle le rapport ici.
**si je ne répond pas de suite c'est que moi aussi j'ai un métier et une famille**

leon560 · Answer

Voici le rapport

SmitFraudFix v2.200

Rapport fait à  8:55:41,84, 27/12/2007
Executé à partir de C:\Program Files\MSN\MSNCoreFiles\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
F:\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
D:\PROGRA~1\MICROS~2apimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HERVE


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HERVE\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HERVE\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}"="cariniana"

[HKEY_CLASSES_ROOT\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

jfkpresident · Answer

supprime "smitfraufix" et installe celui ci:
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Dézippe le puis

* Installe le à la racine de C

Tu crees un nouveau dossier, via clic droit "créer /nouveau dossier que tu nommes SmitfraudFix --> C:\SmitfraudFix

Regarde un exemple a E ) « Faire un répertoire dédié » https://forum.pcastuces.com/sujet.asp?f=25&s=3902

* double clic sur l'exe pour le décompresser et lancer le fix.
Utilisation ----- option 1 - Recherche :
* Double clique sur smitfraudfix.cmd
* Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
* Poste le rapport ici

leon560 · Answer

SmitFraudFix v2.274

Rapport fait à 17:53:14,90, 27/12/2007
Executé à partir de C:\smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
F:\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
D:\PROGRA~1\MICROS~2apimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HERVE


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HERVE\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HERVE\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 

C:\Program Files\Video Add-on\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}"="cariniana"

[HKEY_CLASSES_ROOT\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

jfkpresident · Answer

Redémarre ton ordinateur en mode sans échec : https://www.malekal.com/demarrer-windows-mode-sans-echec/
Ouvre le dossier SmitfraudFix
Double clic sur [b]SmitfraudFix.cmd[/b] choisis l'option 2 et Entrée
Réponds O aux deux questions suivantes:
-Voulez-vous nettoyer le registre ?
-Corriger le fichier infecté ?
Un rapport.txt sera généré et tu le postes pour contrôle.

leon560 · Answer

voici le dernier rapport

SmitFraudFix v2.274

Rapport fait à 18:59:46,54, 27/12/2007
Executé à partir de C:\smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}"="cariniana"

[HKEY_CLASSES_ROOT\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5c770fbc-cc2f-4acd-93e8-e6f0594307fd}\InProcServer32]
@="C:\WINDOWS\system32\gnjsjc.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1  localhost 

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\Program Files\Video Add-on\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{909C5664-8373-4DCE-A072-3EF50F75D53D}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

jfkpresident · Answer

reposte un log hijack pour vérifier.

leon560 · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:15:47, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
F:\iTunesHelper.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
D:\PROGRA~1\MICROS~2apimgr.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [eCarteBleue-SG-P3-Premier] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue Premier\ECB-SGP.exe"  /dontopenmycards
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fphotos.msn.fr%2fresources%2fneutral%2fcontrols%2fDigWebX2.cab%3f
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://72.32.179.44/filter/cameraviewer/isetup.cab
O16 - DPF: {AEF76437-F960-4EBC-97EA-7BBB4230CF38} (OcarptMain Class) - https://oca.microsoft.com/en/secure/ocarpt.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

leon560 · Answer

Bonjour,

A mon sens le problème est résolu, merci à JFK qui m'a donné toutes les solutions et que je remercie infiniment de me le confirmer

jfkpresident · Answer

escuse du retard ,tu vas cocher  ces lignes avec hijackthis:
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O18 - Protocol: bw+0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {60362865-0351-4844-9126-2C947C1FC535} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 

ENSUITE tu clique sur"fixchecked"

jfkpresident · Answer

et pour finir :
desinstalle smitfraudfix.
et navilog:Pour supprimer Navilog par la suite 

1/ Désinstalle Navilog1 Via ajout/suppression des programmes --> Navilog1 
Via le fichier uninstall présent dans le dossier %programfiles%
avilog1.1 
Ensuite supprime également ce dossier : C:\Program Files
avilog1 

passe clean.zip pour finir le nettoyage:Télécharge « clean.zip » 
http://www.malekal.com/download/clean.zip 
•- Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier dénommé "clean ". 
 
•- Redémarre en mode sans échec. ( note bien ce que tu as à faire ). 
•- Ouvre le dossier « clean » qui se trouve sur ton bureau. 
•- Double-clic sur « clean.cmd ». 
Une fenêtre noire va apparaître, choisis l’option 2. 

Clean va travailler. 
•- Redémarre normalement 
•- Poste qui se trouve ici C:apport_clean.txt.

apres ca il ne devrait plus y avoir de problemes...

leon560 · Answer

Script execute en mode sans echec 
Rapport clean par Malekal_morte - http://www.malekal.com 
Script execute en mode sans echec 28/12/2007 a 10:44:24,37 

Microsoft Windows XP [version 5.1.2600]
 
*** Suppression des fichiers dans C: 
 
*** Suppression des fichiers dans C:\WINDOWS\ 
 
*** Suppression des fichiers dans C:\WINDOWS\system32 
 
*** Suppression des fichiers dans C:\Program Files 
 
*** Suppression des clefs du registre effectuee.. 
*** Fin du rapport ! 
Merci de ta réponse

jfkpresident · Answer

de rien et que je ne t'y reprenne plus.....LOL
passe de bonnes fetes et bon SURF.

leon560 · Answer

Merci encore pour tout et bonnes fêtes de fin d'année

Virus ismm.exe - Page 2

Discussions similaires

Newsletters