Sujet Précédent Sujet Suivant

Trojan? HijackThis scan result log

seattle.ignorant -  
 Utilisateur anonyme -
Bonjour à vous tous, spécialistes.

J'ai fait un scan avec HijackThis et en voivi le résultat. Pouvez-vous me dire quoi faire maintenant?

Merci d'avance,
Seattle Ignorant

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:31:57 PM, on 3/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\sv.exe
C:\WINDOWS\svc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: ElnkScamBHO Class - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: ElnkPubBHO Class - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ElnkProtectionBHO Class - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll
O2 - BHO: Microsoft copyright - {971D5B7B-F7DF-43ee-B771-6B7FA09975C3} - sipov.dll (file missing)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: TBSB02678 - {BDCA7AC9-C27B-4D30-A808-9B9081279C03} - C:\PROGRA~1\QUICKN~1\YOUTUB~1.DLL
O2 - BHO: ElnkLegacyUninstBHO Class - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: Youtube-Download-Convert-Toolbar - {6AE02E1C-8859-4F57-9097-5A55A56A4CAF} - C:\Program Files\Quicknation\YouTubeDownload-Convert.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsft Windows Adapter 5.1.3013] C:\Documents and Settings\Owner\Application Data\hxwdlea.exe
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download File - C:\Program Files\Winferno\Secure IE\Scripts\AddToTransferQueue.htm
O8 - Extra context menu item: &Highlight - C:\Program Files\Winferno\Secure IE\Scripts\highlight.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed095YYUS_ZNxdm117IYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: EarthLink Google Search - res://C:\Program Files\EarthLink TotalAccess\Toolbar\SearchUI.dll/search.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Zoom &In - C:\Program Files\Winferno\Secure IE\Scripts\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\Program Files\Winferno\Secure IE\Scripts\zoomout.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: webmail.pas.earthlink.net
O15 - Trusted Zone: *.mcafee.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: owa.tahoma.wednet.edu
O15 - Trusted Zone: http://www.tahoma.wednet.edu
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5126/mcfscan.cab
O18 - Protocol: bw+0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Logical Disk Manager dmserverose (dmserverose) - Unknown owner - C:\WINDOWS\system32\~.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
A voir également:

42 réponses

Réponse 1 / 42
Utilisateur anonyme
 
Bonsoir,

lol

Bon il y a du ménage...

Commençons par un bon coup de sot d'eau au détergents :

> Les logiciels suivants (AVG et Ccleaner) te seront utiles par la suite - ils sont à conserver...

> Télécharge et installe sur ton PC AVG anti-spyware (si tu as déjà les programmes alors fais juste les mises à jour) : http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware, fais les mises à jour puis ferme le programme.

> Télécharge et installe Ccleaner : https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux ici :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2 , https://www.malekal.com/tutoriel-ccleaner/ et [http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner

> Télécharge Cleaner : http://www.malekal.com/download/clean.zip (différent de Ccleaner),

> Télécharge SDFix sur ton bureau
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix). Ferme ensuite le programme.

> Commence par faire un copier/coller de ce poste : (conseillé)
Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" => "Programmes" =>"Accessoires" => "Bloc notes"),
puis fait un copier/coller de tout le contenu de la fenêtre de ce poste dans le fichier texte.
Sauvegarde le sur le bureau, tu pourras y avoir accès même déconnecté ou en mode sans échec.

> Démarre en mode sans échec : (image). Si problème : tuto ici

> Lance AVG,
- Clique sur le menu Analyse (de la barre d'outils). Clique après sur l'onglet Paramètres, puis <Dans Comment réagir?> clique sur <Actions recommandées> et choisi <Quarantaine>.
- Vérifie que toutes les cases sont cochées dans <Comment faire l'analyse ?> et dans <Programmes potentiellement dangereux> et vérifie que le bouton-radio <Générer un rapport après chaque analyse> soit aussi coché.
- Vas dans l'onglet 'Analyse', puis clique <Analyse complète du système>.
Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis clique sur "Appliquer toutes les actions" afin de tout supprimer automatiquement.
- Clique sur "Enregistrer le rapport" puis enregistre le sur ton bureau.
- Fais un copier/coller du rapport généré dans ton prochain poste.

> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).

> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean
NB : Si besoin, clean : http://mickael.barroux.free.fr/securite/clean.php

> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commance....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse

> Relance ton PC en mode normal

> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,

Et envoie moi, par collier/coller, ton log Hijackthis stp,

Bon courage,

:)

A+
0
Utilisateur anonyme
 
Oupss, je te le laisse
0
Réponse 2 / 42
Utilisateur anonyme
 

Bonsoir
Ne pas surfer ailleurs que sur le site
Couper MSN ou tout autre connexion hormis celle sur le site
Appliquer exactement les procédures indiquées.
Rester devant la machine en rafraichissant souvent le forum pour voir les nouvelles réponses.
Répondre sans attendre à toutes les questions posées
Ne pas quitter tant qu'il n'est pas dit explicitement que le problème est résolu ou qu'il
dépasse les compétences de celui ou ceux qui vous aident.

Ne pas oublier : nous sommes des bénévoles.
Une réponse peut mettre un certain temps à parvenir. Cela ne veut pas dire qu'on vous oublie.
Nous mangeons, nous dormons nous avons une vie de famille aussi.


Préalable
• Vider la corbeille
• Fermer toutes les applications

===================== CCLEANER ========================

Nettoyage avec CCleaner
On va commencer par faire un peu le ménage

• Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo.
http://download.piriform.com/ccsetup205.exe
• Fermer toutes les applications
• Lancer CCLeaner
S'il n'est pas en Français cliquer sur Options, Setting, Language
et sélectionner Français
• cocher dans le menu Nettoyeur - onglet Windows :
Internet Explorer: Fichiers Internet Temporaires, Cookies
• Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
• Avancé: Vieilles données du Prefetch
• Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
Firefox/Mozilla: Cache Internet, Cookies
• Click sur Analyse
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur.
• Click sur Registre
• Sélectionner tout
• Click sur Chercher des erreurs (En bas)

Une fois le scan terminé sélectionner tout
• Click sur Réparer les erreurs sélectionnées
Relancer la machine mettre un nouveau rapport HitjackThis
0
Réponse 3 / 42
seattle.ignorant
 
Wow, merci booddha. Il y a en effet du travail... Je m'y mets de suite et je poste les logs.

A +
0
Utilisateur anonyme
 
Aller !!!

Au boulot ! Nonmého !!! mdr :)

booddha, reste qu'en même...

A+
0
Réponse 4 / 42
seattle.ignorant
 
Ah je m'excuse DllD, C'est toi que je dois remercier, et pas seulement boodha. Oopsy! Merci et à +

Je m'y mets, promis
0
Utilisateur anonyme
 
Trêve de bavardage...

Au travail...

Non mais..

;-))))
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 42
seattle.ignorant
 
OK, voilà donc les rapports de AVG, clean et SDFix

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:14:26 PM 3/1/2008

+ Scan result:

C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} -> Adware.MyTool : Cleaned.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} -> Adware.MyTool : Cleaned.
HKU\S-1-5-21-3962291611-4163577834-692928192-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} -> Adware.MyTool : Cleaned.
HKU\S-1-5-21-3962291611-4163577834-692928192-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} -> Adware.MyTool : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O9O7QDLH\xpl[1].wmf -> Exploit.MS05-053-WMF : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SS0RJ8A3\xpl[1].wmf -> Exploit.MS05-053-WMF : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@sexlist[2].txt -> TrackingCookie.Sexlist : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.

::Report end

___________________________________________________________________________________________
Script executed in Safe Mode
Rapport clean par Malekal_morte - http://www.malekal.com
Script executed in Safe Mode Sat 03/01/2008 a 20:49:28.82

Microsoft Windows XP [Version 5.1.2600]

*** Suppression C:

*** Suppression C:\WINDOWS\

*** Suppression C:\WINDOWS\system32

*** Suppression C:\Program Files
tentative de suppression de "C:\Program Files\MyWebSearch\"
Impossible de supprimer "C:\Program Files\MyWebSearch\"

*** Deletion of the registry keys successful..
*** End of the report !

_________________________________________________________________________________________

[b]SDFix: Version 1.150 /b

Run by Owner on Sat 03/01/2008 at 08:56 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services /b:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

[b]Checking Files /b:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\FM20EN~1.DLL - Deleted
C:\WINDOWS\system32\~.exe - Deleted
C:\WINDOWS\system32\sft.res - Deleted
C:\WINDOWS\system32\sipov.dll - Deleted
C:\WINDOWS\system32\ntos.exe - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll.cla - Deleted
C:\WINDOWS\system32\wsnpoem\video.dll - Deleted

Folder C:\WINDOWS\system32\wsnpoem - Removed

Removing Temp Files

[b]ADS Check /b:

[b]Final Check /b:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 21:09:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"NextDetectionTime"="2008-03-02 05:07:46"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Detect]
"LastSuccessTime"="2008-03-01 05:36:46"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services /b:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\WINDOWS\\surfmonkey\\SMProxy.exe"="C:\\WINDOWS\\surfmonkey\\SMProxy.exe:*:Enabled:EarthLink Parental Controls"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Common Files\\Adobe\\ESD\\AdobeDownloadManager.exe"="C:\\Program Files\\Common Files\\Adobe\\ESD\\AdobeDownloadManager.exe:LocalSubNet:Enabled:Adobe Download Manager"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files /b:

File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Fri 22 Mar 2002 36,864 A.SHR --- "C:\Program Files\Detto\DettoWeb.exe"
Fri 22 Mar 2002 2,513,981 A.SHR --- "C:\Program Files\Detto\IntelliMover Demo.exe"
Wed 18 May 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 23 Jan 2007 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv16.bak"
Wed 18 May 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv18.bak"
Wed 18 May 2005 400 A.SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.bla.bak"
Wed 18 May 2005 48 A.SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.sec.bak"
Wed 18 May 2005 400 A.SH. --- "C:\Documents and Settings\All Users\DRM\v3ks.bla.bak"
Sun 2 Apr 2006 96,256 A..H. --- "C:\Documents and Settings\Owner\Desktop\~WRL0476.tmp"
Sat 16 Dec 2006 114 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti2D.tmp"
Fri 17 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 13 Jan 2008 37,888 ...H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\~WRL2535.tmp"
Thu 4 Jan 2007 32,256 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Templates\~WRL3803.tmp"
Tue 12 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0003.tmp"
Wed 8 Nov 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0004.tmp"
Fri 1 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0005.tmp"
Wed 27 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0006.tmp"
Wed 7 Mar 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0007.tmp"
Mon 7 May 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0008.tmp"
Mon 11 Jun 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0009.tmp"
Thu 2 Nov 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0164.tmp"
Wed 13 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0665.tmp"
Wed 13 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1004.tmp"
Mon 9 Apr 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1089.tmp"
Mon 26 Nov 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1291.tmp"
Tue 13 Mar 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1332.tmp"
Wed 16 May 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1735.tmp"
Mon 28 Jan 2008 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1736.tmp"
Sun 17 Jun 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1813.tmp"
Mon 31 Oct 2005 29,696 A..H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2591.tmp"
Mon 17 Sep 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2790.tmp"
Wed 13 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2824.tmp"
Mon 7 May 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2843.tmp"
Sat 7 Apr 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2988.tmp"
Fri 23 Nov 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL3161.tmp"
Tue 16 Oct 2007 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL3216.tmp"
Mon 11 Dec 2006 30,208 ...H. --- "C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL3497.tmp"
Mon 29 May 2006 20,992 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\~WRL1385.tmp"
Thu 8 Sep 2005 21,504 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\Household\~WRL1921.tmp"
Wed 16 May 2007 40,960 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\Perso\~WRL1868.tmp"
Sun 15 May 2005 1,610 A.SH. --- "C:\Documents and Settings\Owner\Application Data\Roxio\Dragon\DiscInfoCache\HP_______DVD_Writer_300n__1.25_300_DICV017_DRGV200021C.TMP"
Mon 7 May 2007 32,768 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\THS 2006-2007\Look I Can Talk More\~WRL2432.tmp"
Wed 25 Apr 2007 34,304 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\THS 2006-2007\United Streaming\~WRL1333.tmp"
Mon 17 Sep 2007 32,768 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\THS 2007-2008\French I-II\~WRL1506.tmp"
Mon 17 Sep 2007 35,328 ...H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Football\2007\~WRL0199.tmp"
Sun 26 Feb 2006 335,872 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre VI\~WRL1442.tmp"
Sun 26 Feb 2006 616,448 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre VI\~WRL2268.tmp"
Sun 26 Feb 2006 20,480 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre VI\~WRL2729.tmp"
Sun 26 Feb 2006 624,128 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre VI\~WRL3649.tmp"
Mon 30 Jan 2006 28,160 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre V\~WRL1803.tmp"
Fri 6 Oct 2006 261,120 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\THS 2006-2007\Raconte-Moi Davantage\RMD I\~WRL3832.tmp"
Tue 29 Aug 2006 118,784 ...H. --- "C:\Documents and Settings\Owner\My Documents\Nath\THS 2006-2007\Raconte-Moi Davantage\RMD IV\~WRL1211.tmp"
Mon 1 Sep 2003 134,144 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\AP Psychology\Chapter 2\~WRL1713.tmp"
Mon 1 Sep 2003 202,240 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\AP Psychology\Chapter 2\~WRL1889.tmp"
Mon 1 Sep 2003 110,592 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\AP Psychology\Chapter 2\~WRL2083.tmp"
Mon 1 Sep 2003 213,504 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\AP Psychology\Chapter 2\~WRL2585.tmp"
Mon 1 Sep 2003 120,832 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\AP Psychology\Chapter 2\~WRL2625.tmp"
Thu 4 Sep 2003 24,576 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\Psychology\Chapter 6 - Brain and Nervous System\~WRL3828.tmp"
Sun 13 Jan 2002 22,016 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\Rex's Documents\Golf\~WRL1687.tmp"
Sun 13 Jan 2002 26,112 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\2004\Rex's Documents\Golf\~WRL2207.tmp"
Sun 11 Jun 2006 43,008 ...H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Masters\EDU 530 Summer 2006\Module 4\~WRL1622.tmp"
Sun 24 Jun 2007 32,256 ...H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Masters\EDU 560 Spring 2007\Module 7\~WRL0146.tmp"
Mon 16 Dec 2002 239,104 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\~WRL4057.tmp"
Sat 26 Nov 2005 39,936 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre IV\Assessment\~WRL0710.tmp"
Fri 25 Nov 2005 48,640 A..H. --- "C:\Documents and Settings\Owner\My Documents\Nath\GeneralTeaching\THS 2005-2006\Chapitre IV\ChIVL3\~WRL1595.tmp"
Wed 27 Sep 2006 25,600 ...H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Football\Football Folder\Coaching Staff Folder\Blog\~WRL1253.tmp"
Tue 29 Oct 2002 54,784 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\~WRL3114.tmp"
Wed 31 Aug 2005 38,912 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Football\Football Folder\Kentwood Scouting Folder\Opponents\Auburn 2005\~WRL0001.tmp"
Mon 21 Jan 2002 25,600 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\HPFOOTBALL\~WRL2181.tmp"
Mon 16 Dec 2002 120,832 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL0201.tmp"
Mon 16 Dec 2002 121,344 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL0546.tmp"
Mon 16 Dec 2002 124,416 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL0732.tmp"
Mon 16 Dec 2002 123,392 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL1272.tmp"
Mon 16 Dec 2002 117,248 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL1675.tmp"
Mon 16 Dec 2002 120,320 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL1726.tmp"
Mon 16 Dec 2002 123,392 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL2206.tmp"
Mon 16 Dec 2002 121,856 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL2381.tmp"
Mon 16 Dec 2002 121,856 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL2957.tmp"
Mon 16 Dec 2002 121,344 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL2966.tmp"
Mon 16 Dec 2002 118,784 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL3158.tmp"
Mon 16 Dec 2002 124,416 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL3621.tmp"
Mon 16 Dec 2002 123,392 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL3846.tmp"
Mon 16 Dec 2002 123,904 A..H. --- "C:\Documents and Settings\Owner\My Documents\Rex's Documents\Rex's Documents\2004\Rex's Documents\HighlandPark\W. Geo\World Geography\~WRL3856.tmp"

[b]Finished!/b

MERCI!
0
Réponse 6 / 42
seattle.ignorant
 
Voici le log de HijackThis après les démarches (que j;ai suivies à la lettre...) HA!

ça m'a pris du temps mais je me suis mis à bien travailler...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:31:35 PM, on 3/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ElnkScamBHO Class - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: ElnkPubBHO Class - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ElnkProtectionBHO Class - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: TBSB02678 Class - {BDCA7AC9-C27B-4D30-A808-9B9081279C03} - C:\PROGRA~1\QUICKN~1\YOUTUB~1.DLL
O2 - BHO: ElnkLegacyUninstBHO Class - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download File - C:\Program Files\Winferno\Secure IE\Scripts\AddToTransferQueue.htm
O8 - Extra context menu item: &Highlight - C:\Program Files\Winferno\Secure IE\Scripts\highlight.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed095YYUS_ZNxdm117IYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: EarthLink Google Search - res://C:\Program Files\EarthLink TotalAccess\Toolbar\SearchUI.dll/search.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Zoom &In - C:\Program Files\Winferno\Secure IE\Scripts\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\Program Files\Winferno\Secure IE\Scripts\zoomout.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: webmail.pas.earthlink.net
O15 - Trusted Zone: *.mcafee.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: owa.tahoma.wednet.edu
O15 - Trusted Zone: http://www.tahoma.wednet.edu
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5126/mcfscan.cab
O18 - Protocol: bw+0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Logical Disk Manager dmserverose (dmserverose) - Unknown owner - C:\WINDOWS\system32\~.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 7 / 42
Utilisateur anonyme
 
LOP XP
1ere phase

Télécharger Lopxp http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

• Double-click sur Lopxpsetup.exe pour lancer l'installation
• Au menu, choisir l'option 1
• Patienter un peu
• Un rapport sera alors créé à copier/coller ici
0
Réponse 8 / 42
seattle.ignorant
 
Rapport lopxp. Merci :)

# Rapport Lopxp fait le Sun 03/02/2008 à 10:20:22
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.09 - Maj du 28/02/2008

Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\iexplore.exe" (2064)

========== Listing des dossiers Application Data

+- C:\Documents and Settings\Administrator\Application Data

2002-10-29 à 02:48:39 - Microsoft

+- C:\Documents and Settings\Administrator.NORRISFAMILY\Application Data

2002-10-29 à 02:13:47 - Adobe
2002-10-29 à 00:36:39 - Identities
2002-10-29 à 02:13:47 - InterTrust
2005-09-18 à 04:12:19 - Macromedia
2005-09-18 à 06:00:54 - Microsoft
2005-05-19 à 14:08:43 - Motive
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2002-10-29 à 01:57:27 - VERITAS

+- C:\Documents and Settings\Administrator.NORRISFAMILY\Local Settings\Application Data

2002-10-29 à 00:40:05 - Microsoft

+- C:\Documents and Settings\All Users\Application Data

2006-06-13 à 03:32:25 - Adobe
2006-10-25 à 17:11:54 - Apple Computer
2006-12-26 à 00:14:41 - Creative
2002-10-29 à 02:20:00 - Freedom
2008-03-01 à 23:59:13 - Grisoft
2006-11-26 à 23:14:27 - HP
2006-02-26 à 18:59:39 - InstallShield
2007-11-15 à 00:48:27 - Lavasoft
2007-10-07 à 21:15:59 - McAfee
2007-08-18 à 05:05:26 - Microsoft
2002-10-29 à 02:34:49 - Motive
2006-02-02 à 08:30:40 - MSN Search Toolbar
2007-06-25 à 22:30:29 - MumboJumbo
2006-04-11 à 16:33:21 - nView_Profiles
2005-04-15 à 03:32:57 - QuickTime
2002-10-29 à 00:41:01 - SBSI
2006-12-26 à 23:10:39 - Skype
2006-11-26 à 23:08:56 - Sonic
2008-01-10 à 03:47:45 - Spybot - Search & Destroy
2006-02-26 à 17:45:55 - Symantec
2007-07-12 à 02:33:30 - TEMP
2006-07-13 à 16:13:18 - Windows Genuine Advantage
2007-08-18 à 03:09:16 - YAHOO
2008-03-02 à 00:10:17 - Yahoo! Companion

+- C:\Documents and Settings\Default User\Application Data

2002-10-29 à 02:13:47 - Adobe
2002-10-29 à 00:36:39 - Identities
2002-10-29 à 02:13:47 - InterTrust
2002-10-29 à 00:39:37 - Microsoft
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2002-10-29 à 01:57:27 - VERITAS

+- C:\Documents and Settings\Default User\Local Settings\Application Data

2002-10-29 à 00:40:05 - Microsoft

+- C:\Documents and Settings\LocalService\Application Data

2002-10-29 à 00:39:27 - Microsoft

+- C:\Documents and Settings\LocalService\Local Settings\Application Data

2007-08-18 à 05:05:27 - Microsoft

+- C:\Documents and Settings\NetworkService\Application Data

2007-12-01 à 11:10:06 - Microsoft

+- C:\Documents and Settings\NetworkService\Local Settings\Application Data

2002-10-29 à 00:39:26 - Microsoft

+- C:\Documents and Settings\Owner\Application Data

2006-02-07 à 19:11:35 - Adobe
2006-02-07 à 05:23:49 - AdobeAUM
2007-01-28 à 07:40:39 - AdobeUM
2006-02-07 à 03:00:55 - Apple Computer
2005-04-25 à 13:44:20 - ArcSoft
2008-02-24 à 19:52:26 - Awola
2006-12-28 à 04:23:22 - Creative
2006-02-26 à 19:07:55 - Earthlink
2006-02-26 à 19:08:32 - EarthLink Toolbar
2005-04-12 à 01:34:14 - FotoWire
2005-04-15 à 18:16:30 - Freedom
2008-03-02 à 00:21:26 - Grisoft
2005-04-25 à 13:45:21 - Help
2006-12-02 à 01:34:44 - HP
2002-10-29 à 00:36:39 - Identities
2007-10-09 à 02:13:24 - IE7Pro
2005-04-13 à 17:23:07 - InterVideo
2005-05-18 à 01:08:36 - Leadertech
2005-06-04 à 17:31:48 - Macromedia
2008-01-10 à 03:45:44 - Microsoft
2005-04-16 à 17:27:50 - Motive
2007-01-29 à 16:19:11 - Mozilla
2005-10-16 à 01:09:59 - Mozilla(2)
2006-02-02 à 08:35:57 - MSN Search Toolbar
2005-11-05 à 20:35:17 - Musicmatch
2007-07-12 à 00:48:24 - PlayFirst
2005-12-27 à 18:18:22 - Real
2005-05-16 à 02:44:10 - Roxio
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2008-02-11 à 23:00:15 - Skype
2006-01-04 à 22:41:59 - Snapfish
2005-04-12 à 03:44:35 - Symantec
2005-04-15 à 21:57:54 - VERITAS
2008-01-09 à 12:31:07 - VersionTracker Pro
2008-02-28 à 08:21:14 - WeatherBug
2007-10-07 à 22:20:43 - Winferno

+- C:\Documents and Settings\Owner\Local Settings\Application Data

2005-05-08 à 23:25:46 - Adobe
2005-12-14 à 15:24:22 - Apple Computer
2008-03-02 à 18:05:42 - ApplicationHistory
2005-04-25 à 13:45:21 - Help
2006-11-26 à 23:36:17 - HP
2005-04-13 à 21:18:09 - Identities
2006-11-26 à 23:37:07 - IsolatedStorage
2008-03-01 à 02:25:39 - Microsoft
2007-01-29 à 16:19:11 - Mozilla
2007-08-18 à 04:05:54 - MTV Networks
2005-11-07 à 06:06:31 - Musicmatch
2007-08-18 à 03:09:15 - Yahoo

========== Listing du dossier Program Files

+- C:\Program Files

2005-12-12 à 16:39:06 - Adobe
2006-10-25 à 17:49:58 - Apple Software Update
2006-03-01 à 01:49:01 - ArcSoft
2002-10-29 à 02:20:52 - AtBackup
2006-12-26 à 00:45:36 - Audible
2002-10-29 à 05:36:43 - AWS
2002-10-29 à 02:30:00 - BackWeb
2008-03-02 à 00:07:09 - CCleaner
2007-11-15 à 00:40:58 - Common Files
2002-10-29 à 00:33:06 - ComPlus Applications
2002-10-29 à 02:15:35 - Corel
2008-03-01 à 04:37:19 - Creative
2006-12-26 à 00:40:08 - Creative Installation Information
2002-10-29 à 02:13:06 - Detto
2005-04-12 à 01:36:42 - directx
2006-03-01 à 01:47:30 - EarthLink
2008-03-01 à 05:16:44 - EarthLink TotalAccess
2007-07-01 à 05:31:32 - GameSpy Arcade
2007-06-07 à 04:56:32 - Google
2008-03-01 à 23:59:07 - Grisoft
2006-11-26 à 23:14:31 - Hewlett-Packard
2006-11-26 à 22:45:21 - HP
2002-10-29 à 02:30:01 - hp center
2002-10-29 à 02:34:48 - HP Instant Support
2002-10-29 à 01:47:05 - HP Photosmart 11
2007-10-09 à 02:13:06 - IE7Pro
2006-12-26 à 00:30:15 - illiminable
2007-10-08 à 00:00:57 - InstallShield Installation Information
2006-12-17 à 06:16:47 - InterActual
2008-02-24 à 11:25:26 - Internet Explorer
2002-10-29 à 01:56:02 - InterVideo
2008-02-06 à 03:58:07 - iPod
2008-02-06 à 03:58:44 - iTunes
2005-09-18 à 03:26:09 - iTunes(2)
2007-11-15 à 00:48:59 - Lavasoft
2002-10-29 à 01:31:03 - Ligos
2005-04-12 à 01:34:27 - Logitech
2008-03-02 à 18:20:37 - Lopxp
2005-05-22 à 18:59:16 - Messenger
2008-01-10 à 03:45:47 - Microsoft ActiveSync
2006-02-26 à 19:01:10 - Microsoft Agent
2002-10-29 à 00:36:43 - microsoft frontpage
2006-09-09 à 16:16:46 - Microsoft Office
2005-05-18 à 01:41:21 - Movie Maker
2007-01-29 à 16:56:46 - Mozilla Firefox(2)
2002-10-29 à 00:32:22 - MSN
2007-08-18 à 03:13:14 - MSN Games
2002-10-29 à 00:32:12 - MSN Gaming Zone
2007-10-22 à 02:41:17 - MSN Messenger
2006-02-02 à 08:32:28 - MSN Toolbar Suite
2006-01-03 à 02:58:09 - MsnMusic
2006-11-15 à 11:03:35 - MSXML 4.0
2007-08-18 à 04:05:45 - MTV Networks
2006-02-13 à 21:47:41 - MUSICMATCH
2005-05-13 à 17:57:09 - My Company Name
2008-03-02 à 04:26:48 - MyWebSearch
2007-08-17 à 03:01:44 - Netflix
2005-05-18 à 01:36:16 - NetMeeting
2002-10-29 à 05:35:46 - NortonAV
2002-10-29 à 02:30:55 - OEMLink
2005-04-15 à 22:54:49 - OfficeUpdate11
2002-10-29 à 02:26:05 - Online Services
2007-06-13 à 11:04:54 - Outlook Express
2005-10-16 à 01:09:59 - Photodex Presenter(2)
2007-10-07 à 23:54:55 - Quicken
2007-10-09 à 02:17:20 - Quicknation
2006-12-10 à 19:09:49 - QuickTime
2006-06-22 à 23:13:18 - Real
2005-11-21 à 19:38:09 - RecordNow
2005-04-12 à 03:06:25 - Repair Registry Pro
2002-10-29 à 02:11:12 - Simple Backup for My Pictures
2006-12-26 à 23:10:39 - Skype
2002-10-29 à 02:48:23 - Sonic
2008-01-10 à 03:47:46 - Spybot - Search & Destroy
2007-08-18 à 03:21:37 - Symantec
2006-02-26 à 18:16:33 - SymNetDrv
2007-11-15 à 00:58:07 - TechTracker
2007-12-28 à 04:53:11 - Touch by HTC User Guide
2008-02-24 à 18:54:24 - Trend Micro
2002-10-29 à 00:39:42 - Uninstall Information
2002-10-29 à 01:57:26 - VERITAS Software
2002-10-29 à 02:00:20 - WildTangent
2006-04-19 à 20:03:17 - Windows Live Safety Center
2005-04-12 à 01:33:47 - Windows Media Components
2007-08-18 à 03:35:13 - Windows Media Connect 2
2007-08-18 à 03:36:53 - Windows Media Player
2005-05-18 à 01:36:02 - Windows NT
2005-04-15 à 18:17:34 - WindowsUpdate
2002-10-29 à 00:36:43 - xerox
2008-02-24 à 19:00:42 - XoftSpySE
2007-08-18 à 03:09:14 - Yahoo!
2006-11-04 à 04:26:43 - Zone Labs

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task
SecurityScan.job: C:\Program Files\Winferno\Secure IE\SecurityScan\SecurityScan.exe /ac
wscupdtr.job: C:\Program Files\Common Files\Winferno\WSCUpdtr.exe
XoftSpySE 2.job: C:\Program Files\XoftSpySE\XoftSpy.exe ShowReminders
XoftSpySE.job: C:\Program Files\XoftSpySE\XoftSpy.exe -t

========== Clés registre

========== Bloqueur popups Internet Explorer

prod.campuscruiser.com
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
entertainment.msn.com/radio/launchradio.aspx
*webmessenger.msn.com/
my.msn.com
launchcast.launch.yahoo.com/radio/player
stream1.adsertion.com/radio
www.wlsam.com
www.streamaudio.com/listen
windowsmedia.com/radiotuner
entertainment.msn.com/radio
my.msn.com/video
windowsmedia.com
betavideo.my.msn.com
launchcast.launch.yahoo.com/radio
www.streamaudio.com
www.color-connection.com/VWVW/Lessons
www.ratp.info

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

+- Registre : Aucune suggestion.

- Fin du rapport -
0
Réponse 9 / 42
Utilisateur anonyme
 
• Démarrer
• Exécuter
• puis copier/coller ce qui suit :

"%programfiles%\Lopxp\Lopxp.bat" /Fixme ( avec les guillemets )

• Répondre oui si la confirmation de la suppression d'un fichier est demandée.
• Copier/Coller le rapport dans la prochaine réponse puis un rapport Hitjackthis
0
seattle.ignorant
 
Boodha,

Voici le rapport de HiJack This après tes dernières directions. Merci beaucoup pour ton aide :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:47:57 AM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ElnkScamBHO Class - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: ElnkPubBHO Class - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ElnkProtectionBHO Class - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: TBSB02678 Class - {BDCA7AC9-C27B-4D30-A808-9B9081279C03} - C:\PROGRA~1\QUICKN~1\YOUTUB~1.DLL
O2 - BHO: ElnkLegacyUninstBHO Class - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download File - C:\Program Files\Winferno\Secure IE\Scripts\AddToTransferQueue.htm
O8 - Extra context menu item: &Highlight - C:\Program Files\Winferno\Secure IE\Scripts\highlight.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed095YYUS_ZNxdm117IYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: EarthLink Google Search - res://C:\Program Files\EarthLink TotalAccess\Toolbar\SearchUI.dll/search.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?bb6778072776431b91e43b41c210d5c0
O8 - Extra context menu item: Zoom &In - C:\Program Files\Winferno\Secure IE\Scripts\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\Program Files\Winferno\Secure IE\Scripts\zoomout.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: webmail.pas.earthlink.net
O15 - Trusted Zone: *.mcafee.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: owa.tahoma.wednet.edu
O15 - Trusted Zone: http://www.tahoma.wednet.edu
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5126/mcfscan.cab
O18 - Protocol: bw+0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8E4CBA29-435E-451F-96CD-27FE67DD33FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Logical Disk Manager dmserverose (dmserverose) - Unknown owner - C:\WINDOWS\system32\~.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 10 / 42
seattle.ignorant
 
# Rapport Lopxp fait le Sun 03/02/2008 à 10:44:49
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.09 - Maj du 28/02/2008

========== FixLog ==========

+- Fichiers temporaires :
Nettoyage effectué.

========== Listing des dossiers Application Data

+- C:\Documents and Settings\Administrator\Application Data

2002-10-29 à 02:48:39 - Microsoft

+- C:\Documents and Settings\Administrator.NORRISFAMILY\Application Data

2002-10-29 à 02:13:47 - Adobe
2002-10-29 à 00:36:39 - Identities
2002-10-29 à 02:13:47 - InterTrust
2005-09-18 à 04:12:19 - Macromedia
2005-09-18 à 06:00:54 - Microsoft
2005-05-19 à 14:08:43 - Motive
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2002-10-29 à 01:57:27 - VERITAS

+- C:\Documents and Settings\Administrator.NORRISFAMILY\Local Settings\Application Data

2002-10-29 à 00:40:05 - Microsoft

+- C:\Documents and Settings\All Users\Application Data

2006-06-13 à 03:32:25 - Adobe
2006-10-25 à 17:11:54 - Apple Computer
2006-12-26 à 00:14:41 - Creative
2002-10-29 à 02:20:00 - Freedom
2008-03-01 à 23:59:13 - Grisoft
2006-11-26 à 23:14:27 - HP
2006-02-26 à 18:59:39 - InstallShield
2007-11-15 à 00:48:27 - Lavasoft
2007-10-07 à 21:15:59 - McAfee
2007-08-18 à 05:05:26 - Microsoft
2002-10-29 à 02:34:49 - Motive
2006-02-02 à 08:30:40 - MSN Search Toolbar
2007-06-25 à 22:30:29 - MumboJumbo
2006-04-11 à 16:33:21 - nView_Profiles
2005-04-15 à 03:32:57 - QuickTime
2002-10-29 à 00:41:01 - SBSI
2006-12-26 à 23:10:39 - Skype
2006-11-26 à 23:08:56 - Sonic
2008-01-10 à 03:47:45 - Spybot - Search & Destroy
2006-02-26 à 17:45:55 - Symantec
2007-07-12 à 02:33:30 - TEMP
2006-07-13 à 16:13:18 - Windows Genuine Advantage
2007-08-18 à 03:09:16 - YAHOO
2008-03-02 à 00:10:17 - Yahoo! Companion

+- C:\Documents and Settings\Default User\Application Data

2002-10-29 à 02:13:47 - Adobe
2002-10-29 à 00:36:39 - Identities
2002-10-29 à 02:13:47 - InterTrust
2002-10-29 à 00:39:37 - Microsoft
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2002-10-29 à 01:57:27 - VERITAS

+- C:\Documents and Settings\Default User\Local Settings\Application Data

2002-10-29 à 00:40:05 - Microsoft

+- C:\Documents and Settings\LocalService\Application Data

2002-10-29 à 00:39:27 - Microsoft

+- C:\Documents and Settings\LocalService\Local Settings\Application Data

2007-08-18 à 05:05:27 - Microsoft

+- C:\Documents and Settings\NetworkService\Application Data

2007-12-01 à 11:10:06 - Microsoft

+- C:\Documents and Settings\NetworkService\Local Settings\Application Data

2002-10-29 à 00:39:26 - Microsoft

+- C:\Documents and Settings\Owner\Application Data

2006-02-07 à 19:11:35 - Adobe
2006-02-07 à 05:23:49 - AdobeAUM
2007-01-28 à 07:40:39 - AdobeUM
2006-02-07 à 03:00:55 - Apple Computer
2005-04-25 à 13:44:20 - ArcSoft
2008-02-24 à 19:52:26 - Awola
2006-12-28 à 04:23:22 - Creative
2006-02-26 à 19:07:55 - Earthlink
2006-02-26 à 19:08:32 - EarthLink Toolbar
2005-04-12 à 01:34:14 - FotoWire
2005-04-15 à 18:16:30 - Freedom
2008-03-02 à 00:21:26 - Grisoft
2005-04-25 à 13:45:21 - Help
2006-12-02 à 01:34:44 - HP
2002-10-29 à 00:36:39 - Identities
2007-10-09 à 02:13:24 - IE7Pro
2005-04-13 à 17:23:07 - InterVideo
2005-05-18 à 01:08:36 - Leadertech
2005-06-04 à 17:31:48 - Macromedia
2008-01-10 à 03:45:44 - Microsoft
2005-04-16 à 17:27:50 - Motive
2007-01-29 à 16:19:11 - Mozilla
2005-10-16 à 01:09:59 - Mozilla(2)
2006-02-02 à 08:35:57 - MSN Search Toolbar
2005-11-05 à 20:35:17 - Musicmatch
2007-07-12 à 00:48:24 - PlayFirst
2005-12-27 à 18:18:22 - Real
2005-05-16 à 02:44:10 - Roxio
2002-10-29 à 02:30:55 - SampleView
2002-10-29 à 01:50:50 - Share-to-Web Upload Folder
2008-02-11 à 23:00:15 - Skype
2006-01-04 à 22:41:59 - Snapfish
2005-04-12 à 03:44:35 - Symantec
2005-04-15 à 21:57:54 - VERITAS
2008-01-09 à 12:31:07 - VersionTracker Pro
2008-02-28 à 08:21:14 - WeatherBug
2007-10-07 à 22:20:43 - Winferno

+- C:\Documents and Settings\Owner\Local Settings\Application Data

2005-05-08 à 23:25:46 - Adobe
2005-12-14 à 15:24:22 - Apple Computer
2008-03-02 à 18:05:42 - ApplicationHistory
2005-04-25 à 13:45:21 - Help
2006-11-26 à 23:36:17 - HP
2005-04-13 à 21:18:09 - Identities
2006-11-26 à 23:37:07 - IsolatedStorage
2008-03-01 à 02:25:39 - Microsoft
2007-01-29 à 16:19:11 - Mozilla
2007-08-18 à 04:05:54 - MTV Networks
2005-11-07 à 06:06:31 - Musicmatch
2007-08-18 à 03:09:15 - Yahoo

========== Listing du dossier Program Files

+- C:\Program Files

2005-12-12 à 16:39:06 - Adobe
2006-10-25 à 17:49:58 - Apple Software Update
2006-03-01 à 01:49:01 - ArcSoft
2002-10-29 à 02:20:52 - AtBackup
2006-12-26 à 00:45:36 - Audible
2002-10-29 à 05:36:43 - AWS
2002-10-29 à 02:30:00 - BackWeb
2008-03-02 à 00:07:09 - CCleaner
2007-11-15 à 00:40:58 - Common Files
2002-10-29 à 00:33:06 - ComPlus Applications
2002-10-29 à 02:15:35 - Corel
2008-03-01 à 04:37:19 - Creative
2006-12-26 à 00:40:08 - Creative Installation Information
2002-10-29 à 02:13:06 - Detto
2005-04-12 à 01:36:42 - directx
2006-03-01 à 01:47:30 - EarthLink
2008-03-01 à 05:16:44 - EarthLink TotalAccess
2007-07-01 à 05:31:32 - GameSpy Arcade
2007-06-07 à 04:56:32 - Google
2008-03-01 à 23:59:07 - Grisoft
2006-11-26 à 23:14:31 - Hewlett-Packard
2006-11-26 à 22:45:21 - HP
2002-10-29 à 02:30:01 - hp center
2002-10-29 à 02:34:48 - HP Instant Support
2002-10-29 à 01:47:05 - HP Photosmart 11
2007-10-09 à 02:13:06 - IE7Pro
2006-12-26 à 00:30:15 - illiminable
2007-10-08 à 00:00:57 - InstallShield Installation Information
2006-12-17 à 06:16:47 - InterActual
2008-02-24 à 11:25:26 - Internet Explorer
2002-10-29 à 01:56:02 - InterVideo
2008-02-06 à 03:58:07 - iPod
2008-02-06 à 03:58:44 - iTunes
2005-09-18 à 03:26:09 - iTunes(2)
2007-11-15 à 00:48:59 - Lavasoft
2002-10-29 à 01:31:03 - Ligos
2005-04-12 à 01:34:27 - Logitech
2008-03-02 à 18:45:00 - Lopxp
2005-05-22 à 18:59:16 - Messenger
2008-01-10 à 03:45:47 - Microsoft ActiveSync
2006-02-26 à 19:01:10 - Microsoft Agent
2002-10-29 à 00:36:43 - microsoft frontpage
2006-09-09 à 16:16:46 - Microsoft Office
2005-05-18 à 01:41:21 - Movie Maker
2007-01-29 à 16:56:46 - Mozilla Firefox(2)
2002-10-29 à 00:32:22 - MSN
2007-08-18 à 03:13:14 - MSN Games
2002-10-29 à 00:32:12 - MSN Gaming Zone
2007-10-22 à 02:41:17 - MSN Messenger
2006-02-02 à 08:32:28 - MSN Toolbar Suite
2006-01-03 à 02:58:09 - MsnMusic
2006-11-15 à 11:03:35 - MSXML 4.0
2007-08-18 à 04:05:45 - MTV Networks
2006-02-13 à 21:47:41 - MUSICMATCH
2005-05-13 à 17:57:09 - My Company Name
2008-03-02 à 04:26:48 - MyWebSearch
2007-08-17 à 03:01:44 - Netflix
2005-05-18 à 01:36:16 - NetMeeting
2002-10-29 à 05:35:46 - NortonAV
2002-10-29 à 02:30:55 - OEMLink
2005-04-15 à 22:54:49 - OfficeUpdate11
2002-10-29 à 02:26:05 - Online Services
2007-06-13 à 11:04:54 - Outlook Express
2005-10-16 à 01:09:59 - Photodex Presenter(2)
2007-10-07 à 23:54:55 - Quicken
2007-10-09 à 02:17:20 - Quicknation
2006-12-10 à 19:09:49 - QuickTime
2006-06-22 à 23:13:18 - Real
2005-11-21 à 19:38:09 - RecordNow
2005-04-12 à 03:06:25 - Repair Registry Pro
2002-10-29 à 02:11:12 - Simple Backup for My Pictures
2006-12-26 à 23:10:39 - Skype
2002-10-29 à 02:48:23 - Sonic
2008-01-10 à 03:47:46 - Spybot - Search & Destroy
2007-08-18 à 03:21:37 - Symantec
2006-02-26 à 18:16:33 - SymNetDrv
2007-11-15 à 00:58:07 - TechTracker
2007-12-28 à 04:53:11 - Touch by HTC User Guide
2008-02-24 à 18:54:24 - Trend Micro
2002-10-29 à 00:39:42 - Uninstall Information
2002-10-29 à 01:57:26 - VERITAS Software
2002-10-29 à 02:00:20 - WildTangent
2006-04-19 à 20:03:17 - Windows Live Safety Center
2005-04-12 à 01:33:47 - Windows Media Components
2007-08-18 à 03:35:13 - Windows Media Connect 2
2007-08-18 à 03:36:53 - Windows Media Player
2005-05-18 à 01:36:02 - Windows NT
2005-04-15 à 18:17:34 - WindowsUpdate
2002-10-29 à 00:36:43 - xerox
2008-02-24 à 19:00:42 - XoftSpySE
2007-08-18 à 03:09:14 - Yahoo!
2006-11-04 à 04:26:43 - Zone Labs

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task
SecurityScan.job: C:\Program Files\Winferno\Secure IE\SecurityScan\SecurityScan.exe /ac
wscupdtr.job: C:\Program Files\Common Files\Winferno\WSCUpdtr.exe
XoftSpySE 2.job: C:\Program Files\XoftSpySE\XoftSpy.exe ShowReminders
XoftSpySE.job: C:\Program Files\XoftSpySE\XoftSpy.exe -t

========== Clés registre

========== Bloqueur popups Internet Explorer

prod.campuscruiser.com
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
entertainment.msn.com/radio/launchradio.aspx
*webmessenger.msn.com/
my.msn.com
launchcast.launch.yahoo.com/radio/player
stream1.adsertion.com/radio
www.wlsam.com
www.streamaudio.com/listen
windowsmedia.com/radiotuner
entertainment.msn.com/radio
my.msn.com/video
windowsmedia.com
betavideo.my.msn.com
launchcast.launch.yahoo.com/radio
www.streamaudio.com
www.color-connection.com/VWVW/Lessons
www.ratp.info

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

+- Registre : Aucune suggestion.

- Fin du rapport -
0
Réponse 11 / 42
Utilisateur anonyme
 
Demarrer --> Paramètres --> Panneau de configuration -->> Ajout/suppression de programmes.

Chercher une entrée contenant MyWebSearch

Selectionner et désinstaller (Supprimer à droite)

Si trouver relancer la machine et remettre un rapport hitjackthis

Si pas trouver, rendre compte ici

PS : met tes messages les uns en dessous des autres pour garder la chronologie.

Je vais diner (pas pour longtemps) A toute à l'heure
0
Réponse 12 / 42
seattle.ignorant
 
J'ai bien trouvé MyWebSearch dna l'Ajout/Suppression de Programmes mais malheureusement quand j'ai cliqué pour le désinstaller, jai reçun le message suivant:

RunDLL
Error loading c:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsbar.dll

ARGH!

Bon appétit!
0
Réponse 13 / 42
Utilisateur anonyme
 
1) Avec l'explorateur de fichier trouve

C:\Program Files\MyWebSearch

Supprime le dossier (répertoire) MyWebSearch

2) S'il te dit que tu ne peux pas

CTRL-ALT-SUPPR --> Onglet Processus.

Cherche dedans MyWebSearch ou quelque chose qui le contient
Tu sélectionnes et tu clique sur le bouton en bas à droite Terminer le processus

Si il ne veut pas terminer le processus faire 1) mais en mode sans echec

Si tu es arrivé à le supprimer, vide ta corbeille.

Relance ta machine et met moi un nouveau rapport Hitjacthis.

Si tu n'as pas pu le supprimer fais le moi savoir
0
seattle.ignorant
 
Booddha,

(1) ne fonctionne pas
(2) je ne trouve rien dans la liste des processus en service. Est-ce que "MsPMSPSv.exe" te semble etre une possiblité?

Sinon, je vais essayer le procédé mais en Mode Sans Echec comme tu me l'as recommandé. Je préfère attendre ta réponse avant de faire une betise...

Merci
0
Réponse 14 / 42
Utilisateur anonyme
 
Essaye le mode sans echec, ne touches pas au processus.
0
Réponse 15 / 42
seattle.ignorant
 
OK merci. J'essaie et je redémarre Internet.
0
Réponse 16 / 42
seattle.ignorant
 
Meme en Mode Sans Echec, je ne peux pas desinstaller MyWebSearch. Grrr
0
Réponse 17 / 42
Utilisateur anonyme
 
Pourquoi? Le répertoire est invisible ? Ou il refuse (Désinstaller ou supprimer le répertoire?)
0
Réponse 18 / 42
seattle.ignorant
 
Le répertoire est bien visible mais quand je clique sur "désinstaller" j'ai une fenetre avec un message erreur qui apparait:

RunDLL
Error loading Error loading c:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsbar.dll
0
Réponse 19 / 42
Utilisateur anonyme
 
Ok on va faire autrement
0
Réponse 20 / 42
Utilisateur anonyme
 
On va essayer ça

===================== COMBOFIX ========================

Combofix

Installer ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
sur le bureau

• Double click sur l'icône qui s'est installé sur ton bureau :
• Appuyer sur la touche 1 puis sur entrée:
• Laisser Combofix travailler
• Copier/Coller le rapport généré dans la prochaine réponse

Note :
Le serveur de téléchargement peut être en surcharge et renvoyer une page d'erreur. Il faut insister.

Ce n'est pas la fin du déverminage

Recolle un rapport Hitjacthis après
0

Discussions similaires

télécharger router scan v2.6 ou v3.6
naf_2019 -
brucine -

2 réponses
comment lire des bd gratuitement en ligne sur internet ?
theodu13480 -
Ereka -

2 réponses
TI college plus (calculatrice probleme)
help39 -
Utilisateur anonyme -

3 réponses
site pour lire des yaoi
CrocodileAimable94 -
Bruno83200_6929 -

3 réponses
Lire des bd en ligne
miss-titi -
Ananas1 -

3 réponses