S.O.S ma barre des tâches fait le yoyo Résolu/Fermé

Question

Bonjour,


je dois avpir un virus redondant ma barre des taches  en bas a droite fait le yoyo elle va et viens  et demarrer fou le camp je suis obligé d'appuyer sur la touche ctrk pour stoper çà

COMMENT ERADIQUER   ce probleme

MERCI

Utilisateur anonyme · Accepted Answer

en regardant ton log je vois orange donc :

tu as un détournement de DNS


Réouvre hijackthis
fais scan only
coche ces lignes :

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') 
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') 


O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab 
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support 
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/ 
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab 
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab 
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab 
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab 
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx 
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/ 
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/ 
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab 
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab 

tu les coches toutes et tu clic sur fix checked

ensuite :


mprime ces instructions car il va y avoir un redémarrage de l'ordinateur. 

* Télécharge FixWareout de ce site sur le bureau: 
http://downloads.subratam.org/Fixwareout.exe 
hxxp://swandog46.geekstogo.com/Fixwareout.exe 

* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish. 
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal. 

*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt)  dans ta prochaine réponse. 



ensuite :


Télécharge cet outil de SiRi: 

http://siri.urz.free.fr/RHosts.php 

Double cliquer dessus pour l'exécuter 

et cliquer sur " Restore original Hosts " 


et pour finir :


Telecharge malwarebytes 

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Tu l´instale; le programme va se mettre automatiquement a jour. 

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression". 

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet". 

Puis click sur "rechercher". 

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection. 

si il t´es demandé de redemarrer > click sur "yes". 

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum. 

Copie et colle le rapport stp.

ps : les rapport sont aussi rangé dans l onglet rapport/log

geoffrey5 · Answer

Salut !!

Télécharge sur le bureau hijackthis.. Voici le lien : http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

-Double-clic dessus 
- Clic sur "Do a system scan and save the log" 
= copier le rapport, le coller dans la réponse.

C est pour voir si il y a infection dans ton pc.

geoffrey5 · Answer

Je ne vois aucunes infections mais je vois que tu as pris le SP3 qui apparement n est pas encore tres au point, il a des bugs..
Je te conseille donc de désinstaller le SP3 et de reprendre le SP2 à cette adresse :

https://www.01net.com/telecharger/windows/Utilitaire/dll_librairies/fiches/29989.html

Utilisateur anonyme · Answer

pour suivre merci

Utilisateur anonyme · Answer

une question tu habites san francisco ???

Utilisateur anonyme · Answer

Garde le SP3

Pour info pas besoin de réinstaller le SP2 si SP3 supprimé 

un conseil fais ce qui est expliqué post 6 avant qu il soit trop tard ....

Utilisateur anonyme · Answer

OK

Utilisateur anonyme · Answer

A demain

geoffrey5 · Answer

orange n est pas une infection, ne t inquiete pas, je n en voit aucune..

essais en téléchargeant regcleaner : https://www.01net.com/telecharger/

une fois installé, ouvre le et clique sur liste de démarrage.
Supprimes les programmes qui s ouvre au démarrage qui ne te servent à rien, laisse juste ton antivirus..
Viens dire ce qu il en est apres.

geoffrey5 · Answer

refais un hijackthis pour vérifier

geoffrey5 · Answer

est ce que tu as essayé en faisant des scans en ligne??

Si non, voici un lien avec des antivirus en ligne..Les 2 premiers savent désinfecter mais pas le troisieme, il sait juste détecter..

http://www.zebulon.fr/outils/antivirus/antivirus-en-ligne.php

Utilisateur anonyme · Answer

Salut réouvre hijackthis 
fais scan only 
coche ces lignes :



O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab 
O17 - HKLM\System\CCS\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{60BC1E9A-0E52-4F15-84B5-10A9CE9BAA32}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.1 81.253.149.2 
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCA6B3-F63D-47E6-90B1-632926D980C7}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 

tu les coches et t clic sur fix checked


ensuite redémarre le pc 

et refai sle scan malewarebyte stp

Utilisateur anonyme · Answer

re

tes soucis viennent de las :


O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab 
O17 - HKLM\System\CCS\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{60BC1E9A-0E52-4F15-84B5-10A9CE9BAA32}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.1 81.253.149.2 
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCA6B3-F63D-47E6-90B1-632926D980C7}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS1\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 
O17 - HKLM\System\CS3\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 208.67.220.220,208.67.222.222 

réouvre hijackthis
fais scan only
coche ces lignes 
et clic sur fix checked

ensuite redémarre le pc 


ensuite réouvre malewarebyte
va sur mise a jours
verifie si d autre mises a jours ne sont pas disponoble
lance un examen RAPIDE pour commencer

et poste le rapport stp

Utilisateur anonyme · Answer

No action taken

t as supprimé la selection ??

Si oui vide la quarantaine

# Télécharge ceci: (merci a S!RI pour ce petit programme). 

http://siri.urz.free.fr/Fix/SmitfraudFix.zip 

Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, 
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php 
il va générer un rapport : copie/colle le sur le poste stp.

Utilisateur anonyme · Answer

# Relance le programme Smitfraud : 
Cette fois choisit l’option 2, répond oui a tous ; 
Sauvegarde le rapport,  copie/colle le rapport sauvegardé sur le forum 

ouvre une page internet
clic sur outils en haut a droite
choisi option internet
va sur avancé
clic sur réinitialiser et confirme

ferme internet et redémarre le

Utilisateur anonyme · Answer

réouvre malewarebyte
va sur mise a jours
verifie si d autres MAJ sont dispo

puis refais un scan COMPLET

navino · Answer

voilà j'ai fais ce qui precedait   ma barre des taches yoyote toujours!! je suis obliger de la stabiliser avec la touche ctrl  !!!!!!!  BIGRE!!!!!!

pour malewarebyte 
  en complet je vais en avoir plus de 4h!!!!!!!!!!!!!!!!!!! et peut être m^me plus c demant??????????

Utilisateur anonyme · Answer

pour malewarebyte

debranche tes DD externe si t en as 

ça ira plus vite

Utilisateur anonyme · Answer

ton disque C fais combien ??

Utilisateur anonyme · Answer

vaut mieux laisser le scan ce faire soit patient 

t es pas obligé de rester sur le pc

navino · Answer

sourire!!
 je sais mais j'ai la tnt dans l'ordi et je regarde roland garros en même temps!!

1h54   il y en auras pour plus de 4h!!!!!!!!!!  çà fait super long!!!!

navino · Answer

BON VOILA LE RAPPORT   Problème non RESOLU  la barre des taches yoyotte   et losrque je vais dans demarrer  arretter  et voir tous les programmes  tout fou le camp!!!!!   IL Y A UN TRUC!!!      j'ai été encore deconnecté du net!!!  et le son de demarage xp  accroche

donc tous çà pas vraiment catholique   donc donc????

Malwarebytes' Anti-Malware 1.14
Version de la base de données: 812

19:28:19 01/06/2008
mbam-log-6-1-2008 (19-28-08).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 351463
Temps écoulé: 4 hour(s), 34 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces (StartMenu.Hijack) -> Bad: (0) Good: (1) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


Malwarebytes' Anti-Malware 1.14
Version de la base de données: 812

19:28:19 01/06/2008
mbam-log-6-1-2008 (19-28-08).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 351463
Temps écoulé: 4 hour(s), 34 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces (StartMenu.Hijack) -> Bad: (0) Good: (1) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Utilisateur anonyme · Answer

en effet et appremment c est dans le menu demmarer 

y a marqué : No action taken.

as tu supprimé la selection ??

Utilisateur anonyme · Answer

a la fin du scan malewarebye tu as supprimer la selection 

fais ça :

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe 


-> Double clique combofix.exe. 
-> Tape sur la touche 1 (Yes) pour démarrer le scan. 
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt 

Avant d'utiliser ComboFix : 

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours. 

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil. 

Une fois fait, sur ton bureau double-clic sur Combofix.exe. 

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc. 

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. 

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire. 

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt) 

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. 

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Utilisateur anonyme · Answer

réouvre hijackthis 
fais scan only 
coche ces lignes :

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') 
O4 - .DEFAULT User Startup: AutoTBar.exe~6DADJ5LP (User 'Default user') 
O4 - .DEFAULT User Startup: AutoTBar.exe~GNC9GLCP (User 'Default user') 
O4 - .DEFAULT User Startup: desktop.ini~8O1BTFNF (User 'Default user') 
O4 - .DEFAULT User Startup: desktop.ini~FFJ4IJOH (User 'Default user') 

tu les coches et tu clic sur fix checked

ensuite redémarre et test

Utilisateur anonyme · Answer

tu connais ce dossier : C:\Documents and Settings\Administrateur.NOM-W8KZ05N5F7S  ??

Utilisateur anonyme · Answer

Sur le net on parle d infection !!

Utilisateur anonyme · Answer

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. 
double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en gras ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 


C:\WINDOWS\system32\perfh00C.dat 
C:\WINDOWS\system32\perfc00C.dat 
C:\WINDOWS\system32\perfh040.dat 
C:\WINDOWS\system32\perfc040.dat 


clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

Utilisateur anonyme · Answer

ok redémarre le pc

sinon j ai appelé une autre personne pour qu elle jette un coup d oeil a ta situation

g!rly · Answer

bonsoir,

navino post un nouveau rapport hijack this stp

@+

Utilisateur anonyme · Answer

oui repond a g!rly stp c est moi qui l ai appelé ....

Utilisateur anonyme · Answer

ok attend g!rly ...

Utilisateur anonyme · Answer

faut du temps ... analyser les rapports etc ...

g!rly · Answer

je ne voie rien qui me sauterait au yeux`
a part ton probleme de deconnection, y a t-il autre chose ?
@+

g!rly · Answer

ok

tu as traficoté quelque chose avec ton bureau > crées des regles de demarrage ou bien ?

@+

Utilisateur anonyme · Answer

RE on va essayer ça :


telecharge zeb retore : 

http://telechargement.zebulon.fr/zeb-restore.html 

dezippe le 

fais un clic sur zeb retore (la roue dentelé) 



coches un a un les differentes proposition et clic sur restaurer

ensuite redémarre le pc et test

navino · Answer

HOLALALA RIEN  N'EST RESOLU   quand le navigateur orange apparait le son  hoquette en continue  je clik dans la barre des taches qui va et viens (yoyotte)  et dans demarrer/arreter  tout valse

BIGRE BIGRE çà àl'aire d'etre serieux  tout çà!!!!

s'il faut que j'appuie sur  ctrl a chaque fois    CURIEUX   

l'ecran  d'origine arriere plan  n'est plus seul un ecran  bleu  je vais remttre ll'arriere plan hp

Utilisateur anonyme · Answer

bilan ton pc est clean mis a part ce soucis bien ennuyeux

ce que je te propose est de faire une restauration a une date antérieure a tes problemes ...

Utilisateur anonyme · Answer

l ennui moi perso la je vois pas 

sorry parfois y a pas de réponses ....

ciao @++

g!rly · Answer

re,

essaie ceci 

click sur demarrer > executer > tape msconfig et valide par ok

click sur l´onglet programme de demarrage ou demarrage

puis arrete ces entrées enfin tu les enleve du demarrage...

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe~6DADJ5LP (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe~GNC9GLCP (User 'Default user')
O4 - .DEFAULT User Startup: desktop.ini~8O1BTFNF (User 'Default user')
O4 - .DEFAULT User Startup: desktop.ini~FFJ4IJOH (User 'Default user') 

redemnarre le pc et dis moi si il y a du mieux

@+

g!rly · Answer

passe ceci pour voir stp

Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau

Double clique sur le OAD pour le lancer

- nom de fichier à rechercher tape ou fais un copier coller de :

6DADJ5LP

- Type de recherche : sélectionne l'option 6 puis valide


OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ait terminé.
Le rapport de recherche s'affichera automatiquement à l’écran dès qu'il aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques durs cette recherche peut prendre plusieurs minutes. Sois patient

fais la même chose pour ceux ci

8O1BTFNF

@+

g!rly · Answer

oui ?

g!rly · Answer

Salut navino,

oui la recherche d´hier a ete infructueuse.

on va rechercher ceci :

AutoTBar

desktop

Double clique sur le OAD pour le lancer

- nom de fichier à rechercher tape ou fais un copier coller de :

AutoTBar

- Type de recherche : sélectionne l'option 6 puis valide


OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ait terminé.
Le rapport de recherche s'affichera automatiquement à l’écran dès qu'il aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques durs cette recherche peut prendre plusieurs minutes. Sois patient

fais la même chose pour ce ci 

desktop

@+

g!rly · Answer

salut,

et bien bon courrage...

spywareblaster :

http://www.brightfort.com/spywareblaster.html

c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

tuto : https://www.malekal.com/tutorial-spywareblaster/

et

spyware gard :

https://www.zebulon.fr/dossiers/securite/47-spywareguard.html

tu as quoi comme anti virus ? par feu ?

@+

g!rly · Answer

re,

tu peux installer celui ci :

Comodo 3 pro :

http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro

tuto : https://www.malekal.com/tutorial-comodo-firewall/

@+

g!rly · Answer

salut,

tu as fais quelque chose de special pour que ca recommence ?

@+

g!rly · Answer

écoute,je ne sais pas trop quoi te dire... je suis désolé...
toute ces restaurations ect, rendent forcement windows instable...
vraiment si tu ne veux pas formater sans rien perdre sauvegarde tes données et fais le quand meme...
désolé...

g!rly · Answer

je veux bien mais je crois que c´est peine perdue...

NAVINO · Answer

REVOILA  je ne tiens pas à reformater mon disque et revenir tout a zero!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:29:40, on 05/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospectetrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: Shell=
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mspd] C:\WINDOWS\system32\mspd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.118712.fr/sortir/75_paris/sortir/
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 85.255.115.3,85.255.112.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{60BC1E9A-0E52-4F15-84B5-10A9CE9BAA32}: NameServer = 85.255.115.3,85.255.112.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.1 80.10.246.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BCA6B3-F63D-47E6-90B1-632926D980C7}: NameServer = 85.255.115.3,85.255.112.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 85.255.115.3,85.255.112.12
O17 - HKLM\System\CS2\Services\Tcpip\..\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF}: NameServer = 85.255.115.3,85.255.112.12
O18 - Protocol: bw+0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: CLKERN.DLL,pushow69.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospectetrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

g!rly · Answer

la donne est differente avec ce rapport...

Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt)

puis

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe     

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Post egalement un nouveau rapport hijack this stp

@+

Utilisateur anonyme · Answer

Kikou G!rly y en a un qui s incruste ........

g!rly · Answer

Tape l´incruste Chiquitine; no worries ;-)
@+

g!rly · Answer

Edit :

cependant tu etais deja là au debut; hi hi...

Utilisateur anonyme · Answer

bah ouais !! hi hi

g!rly · Answer

;-)
pas facile...

NAVINO · Answer

voilà je dis bonjour au passage a l'autre collegue!! oui c pas fcaile je prefererais autrement!!!! la barre des taches remues toujours ! 1er rapport Username "Propri‚taire" - 05/06/2008 21:47:52 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check HKEY_LOCAL_MACHINE\system\currentcontrolset\services cpip\parameters\interfaces\{07AC7E6A-5786-45C8-AB0B-E982A7D7C5BF} "nameserver"="85.255.115.3,85.255.112.12" d-------- C:\fixwareout 2008-06-05 18:56 . 2008-03-21 22:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-06-05 18:56 . 2008-01-10 14:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-06-05 18:56 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm 2008-06-05 18:56 . 2008-01-10 14:16 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll 2008-06-05 18:56 . 2008-03-21 22:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll 2008-06-05 18:56 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml 2008-06-05 18:37 . 2008-06-05 18:37 d-------- C:\Program Files\TerraTec 2008-06-05 17:42 . 2008-06-05 17:42 d-------- C:\fichier pourtnt 2008-06-05 17:42 . 2008-06-05 22:01 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-05 13:42 . 2008-06-05 17:58 d-------- C:\Documents and Settings\All Users\Application Data\TerraTec 2008-06-05 12:19 . 2008-06-05 17:56 d-------- C:\CYNERGIE PILOTES20072008 2008-06-05 07:22 . 2008-06-05 17:56 d-------- C:\Favoris 2008-06-05 06:21 . 2008-06-05 06:21 36,195 --a------ C: nt11.jpg 2008-06-05 00:18 . 2008-06-05 00:18 118 --a------ C:\WINDOWS\system32\MRT.INI 2008-06-04 22:39 . 2008-06-05 17:42 d-------- C:\TERRATEC112007 2008-06-04 21:58 . 2008-06-05 20:49 d-------- C:\Program Files\SpywareBlaster 2008-06-04 21:44 . 2008-06-04 21:44 d-------- C:\Drive(C) 2008-06-04 20:46 . 2008-06-04 20:46 d-------- C:\Program Files\Avira 2008-06-04 20:46 . 2008-06-04 20:46 d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-06-04 17:20 . 2007-07-09 15:19 582,656 -----c--- C:\WINDOWS\system32\dllcache pcrt4.dll 2008-06-04 17:19 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-06-04 17:19 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-06-04 17:19 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-06-04 17:19 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-06-04 17:19 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-06-04 17:19 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-06-04 17:19 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-06-04 17:19 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-06-04 17:19 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-06-04 17:10 . 2008-06-04 17:10 d-------- C:\Program Files\SAGEM 2008-06-04 16:56 . 2006-02-15 10:15 176,128 --a------ C:\WINDOWS\autoclk.exe 2008-06-04 16:53 . 2008-06-04 17:10 14 --a------ C:\WINDOWS\adiras.ini 2008-06-04 16:25 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-06-04 16:25 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-06-04 16:25 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-06-04 16:25 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-06-04 15:42 . 2008-06-04 20:06 d-------- C: erratec4062008 2008-06-04 11:06 . 2008-06-04 11:06 d-------- C:\Program Files\RegCleaner 2008-06-04 11:05 . 2008-06-05 18:56 d-------- C:\Program Files\K-Lite Codec Pack . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-05 20:09 --------- d-----w C:\Program Files\Wanadoo 2008-06-05 16:54 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-06-05 16:38 --------- d-----w C:\Program Files\Fichiers communs\TerraTec 2008-06-05 16:14 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-06-04 15:10 31 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg 2008-06-04 15:10 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-04 12:55 --------- d-----w C:\Program Files\MSN Messenger 2008-06-04 09:06 --------- d-----w C:\Program Files\RegCleaner(2) 2008-06-04 09:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-06-04 09:05 --------- d-----w C:\Program Files\K-Lite Codec Pack(2) 2008-06-04 09:03 --------- d-----w C:\Program Files\ONES (F) 2006-05-03 02:24 5 -c--a-w C:\Program Files emp2.exe 2006-05-03 02:24 38 -c--a-w C:\Program Files emp3.exe 2005-10-29 06:52 54 -c--a-w C:\Program Files\bit.bat 2005-10-29 06:52 54 ----a-w C:\Program Files\bit3.bat 2005-10-29 06:52 54 ----a-w C:\Program Files\bit2.bat 2005-10-29 06:51 54 ----a-w C:\Program Files\inc1.bat 2005-10-29 06:51 41 ----a-w C:\Program Files\sleep.bat 2005-03-05 11:58 56 --sh--r C:\WINDOWS\system32\600F43451F.sys 2005-03-03 09:38 56 --sh--r C:\WINDOWS\system32\6253F84B4E.sys . [code]

----a-w        14,597,893 2007-03-06 13:34:08  C:\Documents and Settings\Propriétaire\Mes documents\jmj.navino1\3.3.1_Installation Player Orange .exe

/code ------- Sigcheck ------- 2003-09-22 01:12 12800 333a4db8410d8e24db06d6aebecdc7c2 C:\WINDOWS\$NtServicePackUninstall$\svchost.exe 2004-08-20 01:10 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\ServicePackFiles\i386\svchost.exe 2004-08-20 01:10 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\system32\svchost.exe 2003-09-20 11:03 75264 20c6d9f9522dda0f9a8e4b8641ca9245 C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll 2004-08-20 01:09 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll 2004-08-20 01:09 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\system32\ws2_32.dll 2004-06-17 02:08 487424 f5d97f77ac97b244ff33280154186065 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe 2003-09-22 00:57 520704 71820bc9ee6653c8748922459dfc384d C:\WINDOWS\$NtUninstallKB841533$\winlogon.exe 2004-08-20 01:10 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe 2004-08-20 01:10 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\system32\winlogon.exe 2003-03-06 18:30 162432 09b38768036508b51564201afb000950 C:\WINDOWS\$NtServicePackUninstall$ dis.sys 2003-09-23 03:56 167552 3b350e5a2a5e951453f3993275a4523a C:\WINDOWS\$NtUninstallQ815485$ dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\ServicePackFiles\i386 dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers dis.sys 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2005-02-16 12:47 101888 fc0691097471ee374907e1024edcbd43 C:\WINDOWS\$NtServicePackUninstall$\services.exe 2004-08-20 01:10 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\ServicePackFiles\i386\services.exe 2004-08-20 01:10 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\system32\services.exe 2003-09-20 13:18 11776 b7b1c150aff59455db4df082815f88f5 C:\WINDOWS\$NtServicePackUninstall$\lsass.exe 2004-08-20 01:09 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\ServicePackFiles\i386\lsass.exe 2004-08-20 01:09 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\system32\lsass.exe 2003-09-23 03:45 13312 2c856908ee61424238772508e9fbcbc8 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe 2004-08-20 01:09 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe 2004-08-20 01:09 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\system32\ctfmon.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{AD6E6555-FB2C-47D4-8339-3E2965509877}"= "C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL" [2007-09-20 16:19 527360] [HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23 102400] "Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2004-01-02 04:51 155648] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 20:49 307200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WD Button Manager"="WDBtnMgr.exe" [2005-02-17 23:59 143360 C:\WINDOWS\system32\WDBtnMgr.exe] "SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-01-30 10:03 46080] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 13:34 406016] "P17Helper"="P17.dll" [2005-05-03 20:38 64512 C:\WINDOWS\system32\P17.dll] "nwiz"="nwiz.exe" [2006-06-01 17:22 1519616 C:\WINDOWS\system32 wiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 17:22 86016] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "mspd"="C:\WINDOWS\system32\mspd.exe" [2003-08-27 23:22 389632] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 12:01 1397760] "hpfsched"="C:\WINDOWS\hpfsched.exe" [1998-09-23 23:42 35328] "DVDTray"="C:\Program Files\HP DVD\Umbrella\DVDTray.exe" [2004-09-03 10:14 53248] "CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 11:43 57344] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-17 12:47 87584] "TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 18:58 1185264] "AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 19:02 1961576] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 04:23 75520] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624] "TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe" [2008-05-14 11:32 1101824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=CLKERN.DLL,pushow69.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiVir] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq lite] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] --a------ 2003-02-11 13:02 61440 C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] --a------ 2006-09-11 09:11 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair] --a------ 2002-12-10 18:32 155648 C:\Program Files\Logitech\ImageStudio\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray] --a------ 2002-12-10 18:31 61440 C:\Program Files\Logitech\ImageStudio\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] --a------ 2002-12-10 17:54 127022 C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msconfig] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2006-10-25 19:58 282624 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2003-10-31 19:42 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TerraTec Remote Control] --a------ 2008-05-14 11:32 1101824 C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Update Checker] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2006-11-21 19:38 35328 C:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe"= "C:\Program Files\Messenger\msmsgs.exe"= "C:\Program Files\eMule\emule.exe"= "C:\Program Files\LimeWire\LimeWire.exe"= "C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe"= "C:\Program Files\eChanblard\emule.exe"= "C:\Program Files\Shareaza\Shareaza.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"= "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"= "C:\Program Files\HP\HP Software Update\HPWUCli.exe"= "C:\Program Files\Internet Explorer\iexplore.exe"= "C:\Program Files\InterVideo\DVD7\WinDVD.exe"= "C:\Program Files\Warez\Warez.exe"= "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"= "C:\Program Files\Conference\Conference.dll"= "%windir%\Network Diagnostic\xpnetdiag.exe"= "C:\Program Files\iTunes\iTunes.exe"= "C:\Program Files\MSN Messenger\msnmsgr.exe"= "C:\Program Files\MSN Messenger\livecall.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvrUpdate\CinergyDVRUp_Date.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvrHelper.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2004-03-10 22:32] R1 lusbaudio;Logitech USB Microphone;C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 14:20] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-02-28 04:12] R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2005-02-19 18:43] R2 HPFECP13;HPFECP13;C:\WINDOWS\system32\drivers\HPFECP13.SYS [1998-09-25 10:55] R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-20 01:10] R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 18:50] R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 14:21] R3 LVVI500A;LVVI500A Service;C:\WINDOWS\system32\DRIVERS\lvvi500a.sys [2002-06-10 14:24] R3 TTCinergyT2;TerraTec Cinergy T² (BDA);C:\WINDOWS\system32\DRIVERS\TTCinergyT2BDA.sys [2007-07-12 21:38] R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58] R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08] S2 gafwload;ECI Telecom USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-22 22:01] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25] S3 AIDA32Driver;AIDA32Driver;C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys [2004-02-23 05:07] S3 inibtmgr;WD Bridge Controller Driver;C:\WINDOWS\system32\DRIVERS\inibtmgr.sys [2003-12-09 12:53] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad389d6e-2bb0-11db-97c3-806d6172696f}] \Shell\AutoRun\command - G:\SH-S182D(TS-H652D).exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-02-26 12:14:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-02-17 05:27:11 C:\WINDOWS\Tasks\Connexion Facile à Internet.job"

g!rly · Answer

tu peux poster le nouveau rapport hijack this stp

navino · Answer

excuse j'avais oublié   voilà!:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42, on 2008-06-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospectetrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDVR.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mspd] C:\WINDOWS\system32\mspd.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.118712.fr/sortir/75_paris/sortir/
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bw+0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospectetrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

g!rly · Answer

ok

desinstale antivir pour le moment

puis

Copie le texte ci-dessous :

File::
C:\WINDOWS\system32\pushow69.dll
C:\WINDOWS\system32\mspd.exe
C:\WINDOWS\system32\drivers\oreans32.sys

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mspd"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""

Driver::
oreans32

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix, 

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

c´est quoi ce programme :

C:\Program Files\Horloge 2005

@+

navino · Answer

ok   horloge 2005  est un petit programme tres pratique  qui se loge dans le haut de l'ecran  avec dayte et heure
quand la souris viens a proximité il glisse a l'exterieur du bureau     çà ne me gene pas  c pas  unmauvais programme!!

bon je continue...

g!rly · Answer

ok

@+

navino · Answer

voilà je vais lancer combo

g!rly · Answer

ok

deconnecte toi du net !

@+

navino · Answer

voilà oui je me suis deconnecté j'ai enlevé aviira je n'ai pas eu a faire le de 1 ou 2 ?? la barre des taches lorsque je vais dessus yoyote donc je la stabilise avec ctrl POURQUOI elle vas et viiens c un mauvais programme qui me nuies???? donc le rapport ComboFix 08-06-05.3 - Propriétaire 2008-06-05 23:48:00.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1623 [GMT 2:00] Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Propriétaire\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\WINDOWS\system32\drivers\oreans32.sys C:\WINDOWS\system32\mspd.exe C:\WINDOWS\system32\pushow69.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\drivers\oreans32.sys C:\WINDOWS\system32\mspd.exe . ---- Previous Run ------- . C:\Documents and Settings\LocalService\Application Data\NetMon C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt C:\Program Files\msmovies C:\Program Files\outlook C:\WINDOWS\aconti.ini C:\WINDOWS\drsmartload2.dat C:\WINDOWS\keyboard141.dat C:\WINDOWS ewname.dat H:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_OREANS32 -------\Service_oreans32 ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-05 to 2008-06-05 )))))))))))))))))))))))))))))))))))) . 2008-06-05 21:47 . 2008-06-05 21:51 d-------- C:\fixwareout 2008-06-05 18:56 . 2008-03-21 22:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-06-05 18:56 . 2008-01-10 14:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-06-05 18:56 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm 2008-06-05 18:56 . 2008-01-10 14:16 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll 2008-06-05 18:56 . 2008-03-21 22:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll 2008-06-05 18:56 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml 2008-06-05 18:37 . 2008-06-05 18:37 d-------- C:\Program Files\TerraTec 2008-06-05 17:42 . 2008-06-05 17:42 d-------- C:\fichier pourtnt 2008-06-05 17:42 . 2008-06-05 22:34 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-05 13:42 . 2008-06-05 17:58 d-------- C:\Documents and Settings\All Users\Application Data\TerraTec 2008-06-05 12:19 . 2008-06-05 17:56 d-------- C:\CYNERGIE PILOTES20072008 2008-06-05 07:22 . 2008-06-05 17:56 d-------- C:\Favoris 2008-06-05 06:21 . 2008-06-05 06:21 36,195 --a------ C: nt11.jpg 2008-06-05 00:18 . 2008-06-05 00:18 118 --a------ C:\WINDOWS\system32\MRT.INI 2008-06-04 22:39 . 2008-06-05 17:42 d-------- C:\TERRATEC112007 2008-06-04 21:58 . 2008-06-05 20:49 d-------- C:\Program Files\SpywareBlaster 2008-06-04 21:44 . 2008-06-04 21:44 d-------- C:\Drive(C) 2008-06-04 20:46 . 2008-06-05 23:41 d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-06-04 17:20 . 2007-07-09 15:19 582,656 -----c--- C:\WINDOWS\system32\dllcache pcrt4.dll 2008-06-04 17:19 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-06-04 17:19 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-06-04 17:19 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-06-04 17:19 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-06-04 17:19 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-06-04 17:19 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-06-04 17:19 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-06-04 17:19 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-06-04 17:19 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-06-04 17:10 . 2008-06-04 17:10 d-------- C:\Program Files\SAGEM 2008-06-04 16:56 . 2006-02-15 10:15 176,128 --a------ C:\WINDOWS\autoclk.exe 2008-06-04 16:53 . 2008-06-04 17:10 14 --a------ C:\WINDOWS\adiras.ini 2008-06-04 16:25 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-06-04 16:25 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-06-04 16:25 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-06-04 16:25 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-06-04 15:42 . 2008-06-04 20:06 d-------- C: erratec4062008 2008-06-04 11:06 . 2008-06-04 11:06 d-------- C:\Program Files\RegCleaner 2008-06-04 11:05 . 2008-06-05 18:56 d-------- C:\Program Files\K-Lite Codec Pack . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-05 21:46 --------- d-----w C:\Program Files\Wanadoo 2008-06-05 21:25 --------- d-----w C:\Program Files\Horloge 2005 2008-06-05 16:54 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-06-05 16:38 --------- d-----w C:\Program Files\Fichiers communs\TerraTec 2008-06-05 16:14 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-06-04 15:10 31 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg 2008-06-04 15:10 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-04 12:55 --------- d-----w C:\Program Files\MSN Messenger 2008-06-04 09:06 --------- d-----w C:\Program Files\RegCleaner(2) 2008-06-04 09:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-06-04 09:05 --------- d-----w C:\Program Files\K-Lite Codec Pack(2) 2008-06-04 09:03 --------- d-----w C:\Program Files\ONES (F) 2006-05-03 02:24 5 -c--a-w C:\Program Files emp2.exe 2006-05-03 02:24 38 -c--a-w C:\Program Files emp3.exe 2005-10-29 06:52 54 -c--a-w C:\Program Files\bit.bat 2005-10-29 06:52 54 ----a-w C:\Program Files\bit3.bat 2005-10-29 06:52 54 ----a-w C:\Program Files\bit2.bat 2005-10-29 06:51 54 ----a-w C:\Program Files\inc1.bat 2005-10-29 06:51 41 ----a-w C:\Program Files\sleep.bat 2005-03-05 11:58 56 --sh--r C:\WINDOWS\system32\600F43451F.sys 2005-03-03 09:38 56 --sh--r C:\WINDOWS\system32\6253F84B4E.sys . [code]

----a-w        14,597,893 2007-03-06 13:34:08  C:\Documents and Settings\Propriétaire\Mes documents\jmj.navino1\3.3.1_Installation Player Orange .exe

/code ------- Sigcheck ------- 2003-09-22 01:12 12800 333a4db8410d8e24db06d6aebecdc7c2 C:\WINDOWS\$NtServicePackUninstall$\svchost.exe 2004-08-20 01:10 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\ServicePackFiles\i386\svchost.exe 2004-08-20 01:10 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\system32\svchost.exe 2003-09-20 11:03 75264 20c6d9f9522dda0f9a8e4b8641ca9245 C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll 2004-08-20 01:09 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll 2004-08-20 01:09 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\system32\ws2_32.dll 2004-06-17 02:08 487424 f5d97f77ac97b244ff33280154186065 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe 2003-09-22 00:57 520704 71820bc9ee6653c8748922459dfc384d C:\WINDOWS\$NtUninstallKB841533$\winlogon.exe 2004-08-20 01:10 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe 2004-08-20 01:10 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\system32\winlogon.exe 2003-03-06 18:30 162432 09b38768036508b51564201afb000950 C:\WINDOWS\$NtServicePackUninstall$ dis.sys 2003-09-23 03:56 167552 3b350e5a2a5e951453f3993275a4523a C:\WINDOWS\$NtUninstallQ815485$ dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\ServicePackFiles\i386 dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache dis.sys 2004-08-04 08:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers dis.sys 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2005-02-16 12:47 101888 fc0691097471ee374907e1024edcbd43 C:\WINDOWS\$NtServicePackUninstall$\services.exe 2004-08-20 01:10 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\ServicePackFiles\i386\services.exe 2004-08-20 01:10 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\system32\services.exe 2003-09-20 13:18 11776 b7b1c150aff59455db4df082815f88f5 C:\WINDOWS\$NtServicePackUninstall$\lsass.exe 2004-08-20 01:09 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\ServicePackFiles\i386\lsass.exe 2004-08-20 01:09 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\system32\lsass.exe 2003-09-23 03:45 13312 2c856908ee61424238772508e9fbcbc8 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe 2004-08-20 01:09 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe 2004-08-20 01:09 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\system32\ctfmon.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-05_22.21.29.60 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-05 20:08:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-05 21:52:57 2,048 --s-a-w C:\WINDOWS\bootstat.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{AD6E6555-FB2C-47D4-8339-3E2965509877}"= "C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL" [2007-09-20 16:19 527360] [HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23 102400] "Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2004-01-02 04:51 155648] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 20:49 307200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WD Button Manager"="WDBtnMgr.exe" [2005-02-17 23:59 143360 C:\WINDOWS\system32\WDBtnMgr.exe] "SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-01-30 10:03 46080] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 13:34 406016] "P17Helper"="P17.dll" [2005-05-03 20:38 64512 C:\WINDOWS\system32\P17.dll] "nwiz"="nwiz.exe" [2006-06-01 17:22 1519616 C:\WINDOWS\system32 wiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 17:22 86016] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 12:01 1397760] "hpfsched"="C:\WINDOWS\hpfsched.exe" [1998-09-23 23:42 35328] "DVDTray"="C:\Program Files\HP DVD\Umbrella\DVDTray.exe" [2004-09-03 10:14 53248] "CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 11:43 57344] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-17 12:47 87584] "TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 18:58 1185264] "AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 19:02 1961576] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 04:23 75520] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624] "TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe" [2008-05-14 11:32 1101824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiVir] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq lite] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] --a------ 2003-02-11 13:02 61440 C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] --a------ 2006-09-11 09:11 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair] --a------ 2002-12-10 18:32 155648 C:\Program Files\Logitech\ImageStudio\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray] --a------ 2002-12-10 18:31 61440 C:\Program Files\Logitech\ImageStudio\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] --a------ 2002-12-10 17:54 127022 C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msconfig] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2006-10-25 19:58 282624 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2003-10-31 19:42 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TerraTec Remote Control] --a------ 2008-05-14 11:32 1101824 C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Update Checker] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2006-11-21 19:38 35328 C:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe"= "C:\Program Files\Messenger\msmsgs.exe"= "C:\Program Files\eMule\emule.exe"= "C:\Program Files\LimeWire\LimeWire.exe"= "C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe"= "C:\Program Files\eChanblard\emule.exe"= "C:\Program Files\Shareaza\Shareaza.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"= "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"= "C:\Program Files\HP\HP Software Update\HPWUCli.exe"= "C:\Program Files\Internet Explorer\iexplore.exe"= "C:\Program Files\InterVideo\DVD7\WinDVD.exe"= "C:\Program Files\Warez\Warez.exe"= "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"= "C:\Program Files\Conference\Conference.dll"= "%windir%\Network Diagnostic\xpnetdiag.exe"= "C:\Program Files\iTunes\iTunes.exe"= "C:\Program Files\MSN Messenger\msnmsgr.exe"= "C:\Program Files\MSN Messenger\livecall.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvrUpdate\CinergyDVRUp_Date.exe"= "C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvrHelper.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2004-03-10 22:32] R1 lusbaudio;Logitech USB Microphone;C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 14:20] R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2005-02-19 18:43] R2 HPFECP13;HPFECP13;C:\WINDOWS\system32\drivers\HPFECP13.SYS [1998-09-25 10:55] R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-20 01:10] R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 18:50] R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 14:21] R3 LVVI500A;LVVI500A Service;C:\WINDOWS\system32\DRIVERS\lvvi500a.sys [2002-06-10 14:24] R3 TTCinergyT2;TerraTec Cinergy T² (BDA);C:\WINDOWS\system32\DRIVERS\TTCinergyT2BDA.sys [2007-07-12 21:38] R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58] R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08] S2 gafwload;ECI Telecom USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-22 22:01] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25] S3 AIDA32Driver;AIDA32Driver;C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys [2004-02-23 05:07] S3 inibtmgr;WD Bridge Controller Driver;C:\WINDOWS\system32\DRIVERS\inibtmgr.sys [2003-12-09 12:53] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad389d6e-2bb0-11db-97c3-806d6172696f}] \Shell\AutoRun\command - G:\SH-S182D(TS-H652D).exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-02-26 12:14:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-02-17 05:27:11 C:\WINDOWS\Tasks\Connexion Facile à Internet.job" 2 rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:11, on 2008-06-06 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32 vsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Dantz\Retrospect etrorun.exe C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WDBtnMgr.exe C:\Program Files\WDC\SetIcon.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\HP DVD\Umbrella\DVDTray.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\WINDOWS\system32 undll32.exe C:\Program Files\Horloge 2005\Horloge 2005.exe C:\Program Files\Rainlendar\Rainlendar.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe" O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe" O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU) O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.118712.fr/sortir/75_paris/sortir/ O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/... O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin pseatools.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.1 81.253.149.2 O18 - Protocol: bw+0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32 vsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect etrorun.exe O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

g!rly · Answer

Franchement moi je voie des infections, je les enleves et essaie de comprendre, mais je t´avoue que j´ai du mal...

ce programme te sert a quoi : C:\Program Files\Fichiers communs\TerraTec

ceci te dis quelque chose : P17Helper

je vais me coucher

je repasserais demain...

bonne nuit

@+

navino · Answer

ok    moi de même   bonne nuit  a demain

terratec c la TNT tele numerique     d'ailleurs   je n'arrive plus à la faire marcher depuis ce matin   les chaines sont enregistrées  mais elles ne se mettent pas en route      je crois çà a ete la cause  de ce probleme   en essaynat de faire une restaure qui marchait  donc là je ne peux plus regarder la tele dans l'ordi avec la TNT de chez TERRATEC!!

p17helper non pas vraiment c'est quoi??  j'ai fait une recherche   çà n'as rien donne l'ordi n'as pas trouvé!!???

@+++

g!rly · Answer

Salut navino,

c´est pas etonnant que windows parte en coccienelle avec le nombre de cracks infectés que tu avais !

contente que ta barre des taches ne yoyote plus ;-)

post un nouveau hijack this stp

@+

NAVINO · Answer

BONSOIR !!
    j'avais récolté  des programmes en peer to peer et leurs cracks!!!  ils ont été enlevé??


j'espere que çà vas !!  ma barre ne yoyotte plus  j'ai eu cette apm  2 - 3 deconnections du navigateur orange

 est ce qu tu saurais  me remettre en marche  la cinergie T2 de terractec   TNT si je poste  son log?

bon voila hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00, on 2008-06-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospectetrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\WINDOWS\system32undll32.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - https://www.nordnet.com/securite
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.118712.fr/sortir/75_paris/sortir/
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bw+0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospectetrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

g!rly · Answer

bonsoir,

je veux oui que les cracks infectés ont ete supprimés > regarde dans la quarantaine d´antivir tu va voir o_Ö tu peux la vider en meme temps

pour la tnt tu m´en demande trop, je ne sais pas... tu n´as pas moyen de voir ca avec orange ?

on va fixer le superflue :

a l´aide de hijack this coche et fix ;

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') 
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.ville.orange.fr/CO/activex/AxisCamControl.cab
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file://E:\WEBPULL\SUPPORT\DISC\ASP\TOOLS\EN\bin
pseatools.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bw+0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F18DFF40-EE04-4BD9-9284-FE3384BF23A6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll 

comment fixer :



telecharge : autoruns

https://www.clubic.com/telecharger-fiche15501-microsoft-autoruns.html

tu dezip les fichiers dans un dossier que tu auras cré aur ton bureau au paravant appelé par exemple autoruns

puis tu click sur autoruns.exe

lá, la fentre du programme va s´afficher avec tout plein de clef et de processus.

click sur l´onglet services.

dans cette fenetre repère ce service :  AVG7 Alert Manager Server (Avg7Alrt)tu click droit dessus et dans l´arborescence click sur delete  pareil pour :

AVG7 Update Service (Avg7UpdSvc)
AVG Firewall (AVGFwSrv)

et referme le programme autoruns...

puis (important)

regarde ce tutorial pour mettre ta console java a jour :
 
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

et

ta version de acrobat reader n´est pas a jour, tu veux la version 8.1 derniere en date alors desinstale ta version par le panneau de configuration / ajoue et suppression de programme

et instale la derniere :

https://get2.adobe.com/reader/otherversions/

ou oublie completement acrobat reader et instales foxit plus léger a la place:

https://www.clubic.com/telecharger-fiche13808-foxit-reader.html

@+

g!rly · Answer

navino

pour java tu as du confondre avec flash player dans le tutorial de malekal regarde a nouveau 

pour acrobat resder, cool pour foxit, mais supprime acrobat reader completement par le panneau de configuration/ajoue et suppression de programme

pour les logo des pages internet, mister et boule de net

tu as firefox, ca le fais egalement quand tu surf avec lui

http://www.mozilla-europe.org/fr/

plugins : ad block plus, no script ect...

https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org

@+

g!rly · Answer

Salut Navino,

oui 6h30, t´es un leve tot !

pour la tnt, je ne voie pas car je ne connais pas le logiciel... 

oui supprime toute tes versions de java anterieures a celle que tu viens d´installer, il y a aussi des tracces dans le registre > regarde a nouveau le tuto de malekal...

puis

demarrer> panneau de configuration > outils system> journal des evenements > dis moi quelless erreures tu as

puis passe :

Fais un scan avec cet antispyware :

Telecharge malwarebytes + tutoriel :

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

@+

NAVINO · Answer

ok 13h55  je reviens  je vais continuer tes indications precieuses

NAVINO · Answer

voilà j'ai enleve  l' ancien java

avecles clefs  j'espere que c'etais çà

1.01
1.0.1_02
1.0.1_03
1.0.1_04
1.2
1.2.0_1
1.6.0_06

demarrer> panneau de configuration > outils system> journal des evenements > dis moi quelless erreures tu as 
  je n'ai pas trouve de journal evenements??????

tiens  je viens d'etre deconecte d'orange!!

j'ai aussi de nouveau perdu l'icone  logo du disque dur externe western digital??

bonje continue

g!rly · Answer

14h39,

il ne fallais pas supprimer les cles : 1.6.0_06 c´est la nouvelle version que tu viens de prendre...

regarde cette video pour le journal des evenements

@+

Utilisateur anonyme · Answer

h hi hi quelle video ??

g!rly · Answer

oupsista

http://www.laboratoire-microsoft.org/videos/14871/

g!rly · Answer

re,

as tu supprimé ce que malwarebytes a trouvé ?

pour le journal des evenements c´est la que sont ressencés tes problemes de connection...

avec le numero de l´erreur essaie de voir si tu peux pas arriver a une conclusion

@+

g!rly · Answer

tu voies les numeros d´erreure a coté de tes erreures ?
tu fais une recherche google et tu voies de quoi il s´agit...

NAVINO · Answer

j'ai pas de numero a part dans evenement    il y a 1????     et je met quoi dans google??????  le 1 ??????????



et je n'ai plus mon icone   western  de la marque du disque dur externe comment on l' à remet


ET LE RESTE  çà vas ??

g!rly · Answer

si tu regardes bien il y a un numero a coté de l´erreure ou si tu click dessus

jlpjlp · Answer

pour être le 128 ème...

g!rly · Answer

ha ha

je serais alors le 129eme

viens par ici on s´amuse bien...

jlpjlp · Answer

non pas le mais la 129 ème na!

g!rly · Answer

tu as meme pas lu le topik > carton rouge !

jlpjlp · Answer

heureusement je joue  pas a l'Euro ce carton ne me pénalisera pas...

g!rly · Answer

j´suis sur que tu joues au foot lol

g!rly · Answer

tu as regardé les numeros d´erreures ?

NAVINO · Answer

non pas vu de numeros!!! j'en ai pas!!!  mais j'ai fait propriete   (jai fait un copier  sur nview ou msintaller dans google çà ne me dis rien du tout    là   c de la technique quine me dis rien!!!!!!!!!!!!!!!!!!!!!!!!!!!


 comment on recupere un logo  d'un dsique exerne  qui se presenter  dans poste de trvail  avec toutes les manips il a disparu la petite image  devant le disque dur!!

g!rly · Answer

tu as des erreures dans le journal des evenement...

a toi de les corriger.

pour ce qui ai des logos ect

fais ceci si tu as le cd d´instal

http://www.informatruc.com/reparer-windows-xp/

dis moi quoi

@+

g!rly · Answer

Salut navino,

la reparation windows est peut etre une solution 

tu peux essayer :

http://www.informatruc.com/reparer-windows-xp/

la reparation ne va rien supprimer, tu devras reconfigurer quelques logiciels c´est tout

@+

NAVINO · Answer

BONJOUR  G!rly

jene peux rentrer dans la reparation  xp avec le cd rom!!!!   le cd n'est pas bootable!!


j'ai pu repare la cynergie T2 de chez TERRATEC  grace aux nouveaux pilotes de chez NVIDIA pour la gforce 5200  qui fait que toutes les erreures classées nview  sont reparrées!


si je reparre xp je risque de reperdre les niuveaux pilotes nvidia  aussi ?

il n'y as pas une autre solution pour  remettre le logio pour le disque dur!

g!rly · Answer

comment ca le cd n´est pas bootable ?
il est bien expliqué sur la page :
http://www.informatruc.com/reparer-windows-xp/
comment booter sur le cd...
non tu ne va pas perdre tes pilotes...
@+

Utilisateur anonyme · Answer

Hola guapa !!

il est possible en effet qu un cd telechargé sur emule par exemple ne soit pas bootable

ou si l image cd a été mal faite 

kisses

g!rly · Answer

Moi Chiquitine29,

c´est vrai c´est vrai...

la guapa parle du cd original

Dbisoux`

NAVINO · Answer

quand  j'ai achete  l'ordi HP  j'ai fait  une copie comme me l'avais demandé  hp en 2004    et celui ci n'est pas bootable!!

NAVINO · Answer

je vais passer par un autre chemin chez western digitale pour remettre le logo poyur le disque externe

bon voilà j'espere que tous vas a part encore quelques deconnections??,

NAVINO · Answer

bonsoir 
j'ai reussi a remettre le logo de western digitale en remettant dans le disque l'autorun
voilà


tout a l'aire d'aller  sauf par moment des deconnections incomprehensibles ? a voir ....
@+

g!rly · Answer

Salut navino,

Cool pour tes logos...

Pour les deconnection, je t´ai deja dis qu´il faudrait voir par rapport aux erreures que tu as dans le journal des evenements...

@+

g!rly · Answer

oui moi aussi...

g!rly · Answer

A la bonne heure Navino ;-)
Bonne continuation`
Bye`
g!rly`

S.O.S ma barre des tâches fait le yoyo

100 réponses

Discussions similaires