Pb avec windows security toolbar 2.1

francoise77 -  
 Utilisateur anonyme -
Bonjour, je n'arrive pas a desinstaller windows security tollbar malgré l'utilisation de spybot.Je suis donc a la recherche d'un peu d'aide, voici le rapport hijackthis
Logfile of Tren
Scand Micro HijackThis v2.0.2 saved at 14:49:39, on 08/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Messenger Plus! 3\MsgPlus.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\QuickTime\QTTask.exe
D:\WINDOWS\Logi_MwX.Exe
D:\WINDOWS\system32\cssrss.exe
D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000b7f5.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Click-N-Type\Click-N-Type.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnnine.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=""
F2 - REG:system.ini: UserInit=d:\windows\system32\userinit.exe,rundll32.exe start
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6607E676-1BDE-4cb3-9913-4DC5EBCAE35E} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - D:\WINDOWS\system32\SHDOCVW.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &WinSec Toolbar - {3F5A62E2-51F2-11D3-A075-CC7364CAE42A} - D:\WINDOWS\system32\wscmp.dll
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\RunOnce: [SpybotDeletingA3028] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7183] cmd /c del "D:\WINDOWS\system32\winsrc.dll_old"
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ieupdate] "D:\WINDOWS\system32\ieupdates.exe"
O4 - HKCU\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9827] cmd /c del "D:\WINDOWS\system32\winsrc.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [ieupdate] "D:\WINDOWS\system32\ieupdates.exe" (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1757981266-1532298954-839522115-500 Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe (User '?')
O4 - Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Analyser avec LeechGet - file://D:\Program Files\LeechGet 2004\\Parser.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm
O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://D:\Program Files\LeechGet 2004\\Wizard.html
O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://D:\Program Files\LeechGet 2004\\AddUrl.html
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm
O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓÆµ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.89_20060727.cab
O18 - Protocol: bw+0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe

--
End of file - 23412 bytes
merci d'vance
Configuration: Windows XP
Internet Explorer 6.0

9 réponses

  1. Utilisateur anonyme
     
    si il n y avait que ça comme soucis ....

    Telecharge malwarebytes

    -> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

    Copie et colle le rapport stp.

    ps : les rapport sont aussi rangé dans l onglet rapport/log
    0
    1. francoise77
       
      merci beaucoup pour ton aide Chiquitine j'ai suivi tes instructions et voici ci-dessous le rapport .Par contre j'ai d'autres soucis anterieur a celui ,je m'explique; a chaque demarrage en attentant l'ecran qui me permet de choisir sur quel systeme d'exploitation je souhaite demarrer, mon pc tourne a plein regime ventilo compris comme si je realisais une analyse antivirus cela peut durer jusqu'a 10-15 minutes je precise que je possede KAV 6.0 et que la licence a expirer il ya quelques semaines.
      Malwarebytes' Anti-Malware 1.15
      Version de la base de données: 842

      14:53:11 09/06/2008
      mbam-log-6-9-2008 (14-53-11).txt

      Type de recherche: Examen rapide
      Eléments examinés: 40572
      Temps écoulé: 3 minute(s), 39 second(s)

      Processus mémoire infecté(s): 1
      Module(s) mémoire infecté(s): 1
      Clé(s) du Registre infectée(s): 7
      Valeur(s) du Registre infectée(s): 10
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 12

      Processus mémoire infecté(s):
      D:\WINDOWS\system32\cssrss.exe (Backdoor.Knocker) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      D:\WINDOWS\system32\wscmp.dll (Trojan.FakeAlert) -> Unloaded module successfully.

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\CLSID\{3f5a62e2-51f2-11d3-a075-cc7364cae42a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{def85c80-216a-43ab-af70-1665edbe2780} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{6607e676-1bde-4cb3-9913-4dc5ebcae35e} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6607e676-1bde-4cb3-9913-4dc5ebcae35e} (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037c7b8a-151a-49e6-baed-cc05fcb50328} (Adware.Search Toolbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e853d72-626a-48ec-a868-ba8d5e23e045} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3f5a62e2-51f2-11d3-a075-cc7364cae42a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ieupdate (Backdoor.Delf) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingB5637 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingB5437 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingD3474 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingA3028 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingC7183 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingA4549 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\SpybotDeletingC9417 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WMDM PMSP Service (Backdoor.Knocker) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      D:\WINDOWS\system32\wscmp.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\ieupdates.exe (Backdoor.Delf) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\winsrc.dll_old (Trojan.Agent) -> Quarantined and deleted successfully.
      D:\Documents and Settings\Administrateur\Local Settings\Temp\.ttE.tmp (Trojan.Fakealert) -> Quarantined and deleted successfully.
      D:\Documents and Settings\Administrateur\Local Settings\Temp\MvYR1ljd.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\unifff.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      D:\Documents and Settings\Administrateur\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\cssrss.exe (Backdoor.Knocker) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\winupdate.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      D:\WINDOWS\mywinsys.ini (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      D:\WINDOWS\system32\conf.dat (Malware.Trace) -> Quarantined and deleted successfully.



      Au cas ou voici un rapport Hijackthis
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:41:41, on 10/06/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      D:\WINDOWS\System32\smss.exe
      D:\WINDOWS\system32\winlogon.exe
      D:\WINDOWS\system32\services.exe
      D:\WINDOWS\system32\lsass.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\system32\svchost.exe
      D:\WINDOWS\System32\svchost.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\system32\spoolsv.exe
      D:\WINDOWS\Explorer.EXE
      D:\Program Files\Messenger Plus! 3\MsgPlus.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\WINDOWS\system32\LVCOMSX.EXE
      D:\Program Files\Logitech\Video\LogiTray.exe
      D:\WINDOWS\SOUNDMAN.EXE
      D:\Program Files\QuickTime\QTTask.exe
      D:\WINDOWS\Logi_MwX.Exe
      D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000a8a3.exe
      D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\Program Files\Executive Software\Diskeeper\DkService.exe
      D:\WINDOWS\system32\svchost.exe
      D:\Program Files\Logitech\Video\FxSvr2.exe
      D:\Program Files\Internet Explorer\IEXPLORE.EXE
      D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnnine.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - Default URLSearchHook is missing
      F3 - REG:win.ini: run=""
      F2 - REG:system.ini: UserInit=d:\windows\system32\userinit.exe,rundll32.exe start,
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
      O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - D:\WINDOWS\system32\SHDOCVW.DLL
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
      O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
      O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
      O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
      O4 - HKCU\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old" (User '?')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - S-1-5-21-1757981266-1532298954-839522115-500 Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe (User '?')
      O4 - Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe
      O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: Analyser avec LeechGet - file://D:\Program Files\LeechGet 2004\\Parser.html
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
      O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm
      O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://D:\Program Files\LeechGet 2004\\Wizard.html
      O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://D:\Program Files\LeechGet 2004\\AddUrl.html
      O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm
      O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓÆµ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
      O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
      O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.89_20060727.cab
      O18 - Protocol: bw+0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
      0
  2. Utilisateur anonyme
     
    en effet y a encore pas mal de soucis....

    au sujet de kaspersky vu que le licence est expirée .... il ne ce met plus a jours donc perimé

    soit tu acquiert une nouvelle licence kaspersky avec la nouvelle version 2009 soit tu met un antivirus gratuit

    je te conseil antivir tres efficace en anglais mais simple :

    https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/13198.html

    si tu met antivir désinstal kaspersky

    ensuite tu es au courant que xp antivirus c est installé ?? il est nefaste on le supprimera

    réouvre malewarebyte
    va sur quarantaine
    supprime tout

    Télécharge clean.zip, de Malekal
    http://www.malekal.com/download/clean.zip

    (1) Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

    (2) Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd

    une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

    (3) Choisis l'option 1 puis patiente
    Poste le rapport obtenu

    pour retrouver le rapport : double clique sur > C > double clique sur " rapport_clean txt.
    et copie/colle le sur ta prochaine réponse .

    Ne passe pas à l'option 2 sans notre avis !

    0
    1. francoise77
       
      10/06/2008 a 21:08:32,53

      *** Recherche des fichiers dans D:

      *** Recherche des fichiers dans D:\WINDOWS\

      *** Recherche des fichiers dans D:\WINDOWS\system32
      D:\WINDOWS\system32\upx.exe FOUND

      *** Recherche des fichiers dans D:\Program Files


      voila voila

      A bientot
      0
  3. Utilisateur anonyme
     
    Salut,

    -> Redémarre en mode sans échec :

    Comment redémarrer en mode sans echec?

    Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
    Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
    Ps : si F8 ne marche pas utilise la touche F5.

    -> Tuto : http://forum.telecharger.01net.com/forum/

    -> Une fois en mode sans echec, ouvre le dossier que tu auvais crée et click sur clean.cmd et choisis l'option 2.

    -> Redémarre normalement et poste le rapport de clean + un nouveau rapport hijackthis stp
    0
    1. francoise77
       
      Salut Chiquitine voici les rapports demandes

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 15:05:38, on 11/06/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      D:\WINDOWS\System32\smss.exe
      D:\WINDOWS\system32\winlogon.exe
      D:\WINDOWS\system32\services.exe
      D:\WINDOWS\system32\lsass.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\system32\svchost.exe
      D:\WINDOWS\System32\svchost.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\Explorer.EXE
      D:\WINDOWS\system32\spoolsv.exe
      D:\Program Files\Messenger Plus! 3\MsgPlus.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\WINDOWS\system32\LVCOMSX.EXE
      D:\Program Files\Logitech\Video\LogiTray.exe
      D:\WINDOWS\SOUNDMAN.EXE
      D:\Program Files\QuickTime\QTTask.exe
      D:\WINDOWS\Logi_MwX.Exe
      D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000a8d2.exe
      D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      D:\Program Files\Logitech\Video\FxSvr2.exe
      D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\Program Files\Executive Software\Diskeeper\DkService.exe
      D:\WINDOWS\system32\svchost.exe
      D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      D:\WINDOWS\system32\wuauclt.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnnine.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - Default URLSearchHook is missing
      F3 - REG:win.ini: run=""
      F2 - REG:system.ini: UserInit=d:\windows\system32\userinit.exe,rundll32.exe start,
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
      O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - D:\WINDOWS\system32\SHDOCVW.DLL
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
      O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
      O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
      O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
      O4 - HKCU\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [46692068080959966892380183143623] D:\Program Files\XP Antivirus\xpa.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old" (User '?')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - S-1-5-21-1757981266-1532298954-839522115-500 Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe (User '?')
      O4 - Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe
      O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: Analyser avec LeechGet - file://D:\Program Files\LeechGet 2004\\Parser.html
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
      O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm
      O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://D:\Program Files\LeechGet 2004\\Wizard.html
      O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://D:\Program Files\LeechGet 2004\\AddUrl.html
      O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm
      O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓÆµ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
      O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
      O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.89_20060727.cab
      O18 - Protocol: bw+0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
      0
  4. Utilisateur anonyme
     
    réouvre hijackthis
    fais scan only

    COCHE TOUTES CES LIGNES :

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
    O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.89_20060727.cab
    O18 - Protocol: bw+0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {47C85909-8268-4F20-8929-5D57860D9704} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    TU LES COCHES TOUTES ET TU CLIC SUR FIX CHECKED

    ENSUITE :

    Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

    -> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    la suite en fin d apres midi
    0
    1. francoise77
       
      Salutations,voici le resultat

      ComboFix 08-06-10.5 - Administrateur 2008-06-11 21:18:36.1 - NTFSx86

      Endroit: D:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      D:\Documents and Settings\All Users\Menu Démarrer\Programmes\UUSEE~1.LNK
      D:\Documents and Settings\All Users\Menu Démarrer\UUSEE~1.LNK
      D:\Program Files\uusee
      D:\Program Files\uusee\AD\1\dm\dm.html
      D:\Program Files\uusee\AD\1\yx\yx.html
      D:\Program Files\uusee\bak_UUPlayer.dll
      D:\Program Files\uusee\UFDeMux.ax
      D:\Program Files\uusee\vermini.ini.uuuu.dat
      D:\WINDOWS\~tmp7633.exe
      D:\WINDOWS\~tmp7682.exe
      D:\WINDOWS\system32\_000009_.tmp.dll
      D:\WINDOWS\system32\1EPh9k.syz
      D:\WINDOWS\system32\1TBWS4.syz
      D:\WINDOWS\system32\5u6cvi.syz
      D:\WINDOWS\system32\Cache
      D:\WINDOWS\system32\mywebhit.ini
      D:\WINDOWS\system32\mywebhit.ini.tmp
      D:\WINDOWS\system32\NvF5Re.syz
      D:\WINDOWS\system32\PS1o5Y.syz
      D:\WINDOWS\system32\sXJsaG.syz
      D:\WINDOWS\winsys.ini

      .
      ((((((((((((((((((((((((((((( Fichiers créés 2008-05-11 to 2008-06-11 ))))))))))))))))))))))))))))))))))))
      .

      2008-06-10 21:08 . 2008-06-10 21:08 3,326,245 --a------ D:\upload_moi_MONPC.tar.gz
      2008-06-09 15:45 . 2008-06-09 15:45 <REP> d-------- D:\Documents and Settings\Pierre Yves\Application Data\Malwarebytes
      2008-06-09 14:41 . 2008-06-09 14:41 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
      2008-06-09 14:41 . 2008-06-09 14:41 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-06-09 14:41 . 2008-06-09 14:41 <REP> d-------- D:\Documents and Settings\Administrateur\Application Data\Malwarebytes
      2008-06-09 14:41 . 2008-06-05 16:04 34,296 --a------ D:\WINDOWS\system32\drivers\mbamcatchme.sys
      2008-06-09 14:41 . 2008-06-05 16:04 15,864 --a------ D:\WINDOWS\system32\drivers\mbam.sys
      2008-06-08 14:49 . 2008-06-08 14:49 <REP> d-------- D:\Program Files\Trend Micro
      2008-06-07 20:00 . 2008-06-07 20:00 268 --ah----- D:\sqmdata19.sqm
      2008-06-07 20:00 . 2008-06-07 20:00 244 --ah----- D:\sqmnoopt19.sqm
      2008-06-07 13:10 . 2008-06-09 14:09 557 --a------ D:\WINDOWS\wininit.ini
      2008-06-07 12:51 . 2008-06-07 12:51 <REP> d-------- D:\Program Files\Spybot - Search & Destroy
      2008-06-07 12:51 . 2008-06-07 13:11 <REP> d-------- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-06-07 12:32 . 2008-06-07 12:32 77,613 --a------ D:\WINDOWS\system32\scui.cpl
      2008-06-07 11:46 . 2008-06-07 11:46 268 --ah----- D:\sqmdata18.sqm
      2008-06-07 11:46 . 2008-06-07 11:46 244 --ah----- D:\sqmnoopt18.sqm
      2008-06-07 00:45 . 2008-06-07 00:45 <REP> d-------- D:\WINDOWS\report
      2008-06-07 00:45 . 2008-06-07 00:44 35,037,161 --a------ D:\WINDOWS\LPT$VPN.327
      2008-06-07 00:44 . 2008-06-07 00:44 <REP> d-------- D:\WINDOWS\AU_Backup
      2008-06-07 00:44 . 2008-06-07 00:44 35,037,161 --a------ D:\WINDOWS\VPTNFILE.327
      2008-06-07 00:44 . 2008-06-07 00:44 1,958,484 --a------ D:\WINDOWS\tsc.ptn
      2008-06-07 00:44 . 2008-06-07 00:44 1,213,784 --a------ D:\WINDOWS\vsapi32.dll
      2008-06-07 00:44 . 2008-06-07 00:44 333,576 --a------ D:\WINDOWS\TSC.exe
      2008-06-07 00:44 . 2008-06-07 00:44 91,744 --a------ D:\WINDOWS\BPMNT.dll
      2008-06-07 00:44 . 2008-06-07 00:44 71,749 --a------ D:\WINDOWS\hcextoutput.dll
      2008-06-07 00:44 . 2008-06-07 00:52 823 --a------ D:\WINDOWS\tsc.ini
      2008-06-07 00:43 . 2008-06-07 00:44 <REP> d-------- D:\WINDOWS\AU_Temp
      2008-06-07 00:43 . 2008-06-07 00:43 <REP> d-------- D:\WINDOWS\AU_Log
      2008-06-07 00:43 . 2008-06-07 00:43 507,904 --a------ D:\WINDOWS\TMUPDATE.DLL
      2008-06-07 00:43 . 2008-06-07 00:43 286,720 --a------ D:\WINDOWS\PATCH.EXE
      2008-06-07 00:43 . 2008-06-07 00:43 69,689 --a------ D:\WINDOWS\UNZIP.DLL
      2008-06-07 00:43 . 2008-06-07 00:43 170 --a------ D:\WINDOWS\GetServer.ini
      2008-06-04 11:38 . 2008-06-04 11:38 172 --ah----- D:\sqmnoopt17.sqm
      2008-06-04 11:38 . 2008-06-04 11:38 172 --ah----- D:\sqmdata17.sqm
      2008-06-03 12:47 . 2008-06-03 12:47 268 --ah----- D:\sqmdata16.sqm
      2008-06-03 12:47 . 2008-06-03 12:47 244 --ah----- D:\sqmnoopt16.sqm
      2008-06-02 12:02 . 2008-06-02 12:02 268 --ah----- D:\sqmdata15.sqm
      2008-06-02 12:02 . 2008-06-02 12:02 244 --ah----- D:\sqmnoopt15.sqm
      2008-06-01 14:43 . 2003-12-18 09:50 104,960 --a------ D:\WINDOWS\system32\COMNCTR.DLL
      2008-06-01 14:43 . 2003-12-18 09:50 97,792 --a------ D:\WINDOWS\system32\LGUICOM.DLL
      2008-06-01 14:43 . 2003-12-11 09:50 20,992 --------- D:\WINDOWS\LOGI_MWX.EXE
      2008-06-01 14:43 . 2003-12-18 09:50 16,896 --a------ D:\WINDOWS\system32\LMOUSE32.DLL
      2008-06-01 14:43 . 2003-12-18 09:50 3,568 --a------ D:\WINDOWS\system32\LMOUSE16.DLL
      2008-05-31 21:32 . 2008-05-31 21:32 <REP> d-------- D:\Program Files\iTunes
      2008-05-31 21:32 . 2008-05-31 21:32 <REP> d-------- D:\Program Files\iPod
      2008-05-31 21:31 . 2008-05-31 21:31 <REP> d-------- D:\Program Files\Fichiers communs\Apple
      2008-05-31 20:47 . 2008-06-11 21:15 <REP> d-------- D:\Program Files\ma-config.com
      2008-05-31 20:47 . 2008-06-01 14:39 <REP> d-------- D:\Documents and Settings\All Users\Application Data\ma-config.com
      2008-05-31 19:24 . 2008-05-31 19:24 172 --ah----- D:\sqmnoopt14.sqm
      2008-05-31 19:24 . 2008-05-31 19:24 172 --ah----- D:\sqmdata14.sqm
      2008-05-31 19:19 . 2008-05-31 19:19 280 --ah----- D:\sqmdata13.sqm
      2008-05-31 19:19 . 2008-05-31 19:19 244 --ah----- D:\sqmnoopt13.sqm
      2008-05-28 21:08 . 2008-05-28 21:08 <REP> d-------- D:\Documents and Settings\LocalService\Application Data\Media Player Classic
      2008-05-20 23:01 . 2008-05-20 23:01 268 --ah----- D:\sqmdata12.sqm
      2008-05-20 23:01 . 2008-05-20 23:01 244 --ah----- D:\sqmnoopt12.sqm
      2008-05-16 22:08 . 2008-05-16 22:08 <REP> d-------- D:\Program Files\FDRLab

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-06-11 19:20 1,098,016 --sha-w D:\WINDOWS\system32\drivers\fidbox2.dat
      2008-06-11 19:19 49,452,064 --sha-w D:\WINDOWS\system32\drivers\fidbox.dat
      2008-06-11 12:35 690,164 --sha-w D:\WINDOWS\system32\drivers\fidbox.idx
      2008-06-11 12:35 107,996 --sha-w D:\WINDOWS\system32\drivers\fidbox2.idx
      2008-06-06 00:36 --------- d-----w D:\Documents and Settings\Administrateur\Application Data\uTorrent
      2008-06-01 12:43 --------- d--h--w D:\Program Files\InstallShield Installation Information
      2008-06-01 12:43 --------- d-----w D:\Program Files\Logitech
      2008-06-01 12:43 --------- d-----w D:\Program Files\Fichiers communs\Logitech
      2008-05-31 19:32 --------- d-----w D:\Documents and Settings\All Users\Application Data\Apple Computer
      2008-05-31 19:32 --------- d-----w D:\Documents and Settings\Administrateur\Application Data\Apple Computer
      2008-05-09 18:24 --------- d-----w D:\Program Files\Xvid
      2008-05-09 18:22 --------- d-----w D:\Program Files\QuickTime
      2008-05-09 18:20 --------- d-----w D:\Program Files\Apple Software Update
      2008-05-09 18:20 --------- d-----w D:\Documents and Settings\All Users\Application Data\Apple
      2008-05-08 10:07 --------- d-----w D:\Program Files\uTorrent
      2008-05-04 17:47 --------- d-----w D:\Documents and Settings\Administrateur\Application Data\SopCast
      2008-04-27 08:35 180,224 ----a-w D:\WINDOWS\system32\xvidvfw.dll
      2008-04-27 08:33 765,952 ----a-w D:\WINDOWS\system32\xvidcore.dll
      2008-02-17 14:17 952 -csha-w D:\WINDOWS\system32\KGyGaAvL.sys
      .

      ------- Sigcheck -------

      2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 D:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2gdr\tcpip.sys
      2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 D:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2qfe\tcpip.sys
      2006-06-12 01:39 359040 4b78d9cf627de9d37b06d915fb12c624 D:\WINDOWS\system32\dllcache\TCPIP.SYS
      2006-06-12 01:39 359040 4b78d9cf627de9d37b06d915fb12c624 D:\WINDOWS\system32\drivers\TCPIP.SYS

      2004-10-13 14:47 1036288 8fa26f9615d6b9cd641c65d7ba6bb611 D:\WINDOWS\explorer.exe
      2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 D:\WINDOWS\SoftwareDistribution\Download\aa7b28efbf5e224a2f6b995008501967\sp2gdr\explorer.exe
      2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 D:\WINDOWS\SoftwareDistribution\Download\aa7b28efbf5e224a2f6b995008501967\sp2qfe\explorer.exe
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "NBJ"="D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 14:55 1871872]
      "LDM"="D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-09 10:08 36864]
      "MessengerPlus3"="D:\Program Files\Messenger Plus! 3\MsgPlus.exe" [2006-05-13 02:08 169096]
      "Configuration de la C-BOX"="D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [2004-12-21 19:17 395264]
      "LogitechSoftwareUpdate"="D:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
      "msnmsgr"="D:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55 5674352]
      "SpybotSD TeaTimer"="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 13:50 155648]
      "MessengerPlus3"="D:\Program Files\Messenger Plus! 3\MsgPlus.exe" [2006-05-13 02:08 169096]
      "DiskeeperSystray"="D:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [2004-10-04 21:53 176216]
      "ATICCC"="D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
      "kav"="D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-03-24 19:09 139367]
      "LVCOMSX"="D:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
      "LogitechVideoRepair"="D:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
      "LogitechVideoTray"="D:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
      "SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 D:\WINDOWS\soundman.exe]
      "QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
      "iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18 270648]
      "Logitech Utility"="Logi_MwX.Exe" [2003-12-11 09:50 20992 D:\WINDOWS\LOGI_MWX.EXE]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:54 15360]

      D:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
      Contr“le du volume (2).lnk - D:\WINDOWS\system32\sndvol32.exe [2001-08-28 18:00:00 139264]

      D:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Logitech Desktop Messenger Agent.lnk - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-09 10:08:04 196608]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "ForceClassicControlPanel"= 1 (0x1)
      "NoSMHelp"= 1 (0x1)

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
      "ForceClassicControlPanel"= 1 (0x1)
      "NoSMHelp"= 1 (0x1)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "wavemapper"= msacm32.drv
      "vidc.ffds"= D:\Program Files\ffdshow\ffdshow.ax

      [HKLM\~\startupfolder\D:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^mon cv 18-05-07.rtf]
      path=D:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\mon cv 18-05-07.rtf
      backup=D:\WINDOWS\pss\mon cv 18-05-07.rtfStartup

      [HKLM\~\startupfolder\D:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^~$n cv 18-05-07.rtf]
      path=D:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\~$n cv 18-05-07.rtf
      backup=D:\WINDOWS\pss\~$n cv 18-05-07.rtfStartup

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "D:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
      "D:\\Program Files\\PPMate\\ppmate.exe"=
      "D:\\Program Files\\PPMate\\ppmnet.exe"=
      "D:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
      "D:\\Program Files\\MSN Messenger\\livecall.exe"=
      "c:\\mulmq0.exe"=


      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      DcomLaunch REG_MULTI_SZ DcomLaunch

      *Newly Created Service* - CATCHME
      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-06-11 17:08:00 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - D:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-06-11 18:29:00 D:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
      - D:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-06-11 21:20:18
      Windows 5.1.2600 Service Pack 2 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-06-11 21:20:59
      ComboFix-quarantined-files.txt 2008-06-11 19:20:57

      Pre-Run: 42,790,703,104 octets libres
      Post-Run: 42,922,090,496 octets libres

      201 --- E O F --- 2007-11-26 02:04:59


      A bientot
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    salut

    il nous reste pas mal de chose a virer mais on arrive a la fin

    refais un scan hijackthis et post le rapport stp
    0
    1. francoise77
       
      Salut voila le rapport




      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:06:25, on 12/06/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      D:\WINDOWS\System32\smss.exe
      D:\WINDOWS\system32\winlogon.exe
      D:\WINDOWS\system32\services.exe
      D:\WINDOWS\system32\lsass.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\system32\svchost.exe
      D:\WINDOWS\System32\svchost.exe
      D:\WINDOWS\system32\Ati2evxx.exe
      D:\WINDOWS\system32\spoolsv.exe
      D:\WINDOWS\Explorer.EXE
      D:\Program Files\Messenger Plus! 3\MsgPlus.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\WINDOWS\system32\LVCOMSX.EXE
      D:\Program Files\Logitech\Video\LogiTray.exe
      D:\WINDOWS\SOUNDMAN.EXE
      D:\Program Files\QuickTime\QTTask.exe
      D:\WINDOWS\Logi_MwX.Exe
      D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000ade3.exe
      D:\Program Files\Logitech\Video\FxSvr2.exe
      D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      D:\Program Files\Executive Software\Diskeeper\DkService.exe
      D:\WINDOWS\system32\svchost.exe
      D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      D:\Program Files\Internet Explorer\IEXPLORE.EXE
      D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnnine.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
      O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
      O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
      O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
      O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
      O4 - HKCU\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
      O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old" (User '?')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - S-1-5-21-1757981266-1532298954-839522115-500 Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe (User '?')
      O4 - Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe
      O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: Analyser avec LeechGet - file://D:\Program Files\LeechGet 2004\\Parser.html
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://D:\Program Files\LeechGet 2004\\Wizard.html
      O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://D:\Program Files\LeechGet 2004\\AddUrl.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -
      O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} -
      O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
      O23 - Service: Indexing Service (CiSvc) - Unknown owner - D:\WINDOWS\system32\cisvc.exe (file missing)
      O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
      0
  7. Utilisateur anonyme
     
    bonsoir,

    réouvre hijacckthis
    fais scan only
    coches ces lignes :

    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -
    O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} -

    tu les coches et tu clic sur fix checked

    ensuite désinstal java car pas a jours et telecharge et instal cette version :

    https://www.java.com/fr/download/manual.jsp

    ensuite fais ceci :

    Démarrer > executer > ' services.msc ' ,

    - Clic droit sur le service cité - Indexing Service
    - propriétés
    - et dans "type de démarrage" et mets le sur « désactivé ».
    - Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »

    Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html

    ensuite :

    télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
    double-clique sur OTMoveIt.exe pour le lancer.
    copie la liste qui se trouve en gras ci-dessous,
    et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

    D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000ade3.exe
    D:\WINDOWS\system32\winsrc.dll_old
    D:\upload_moi_MONPC.tar.gz


    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre "Results".
    clique sur Exit pour fermer.
    poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

    et dis moi comment va le pc stp

    0
  8. francoise77
     
    Salut alors j'ai realise toutes les operations mais j'ai toujours un demarrage tres penible enfin on verra bien
    voici le rapport demande

    D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000ade3.exe moved successfully.
    File/Folder D:\WINDOWS\system32\winsrc.dll_old not found.
    D:\upload_moi_MONPC.tar.gz moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06122008_214203

    De plus j'ai remplace KAV 6.0 par AVIRA ANTIVIR et Spybot SD
    Je rajoute un rapport Hijackthis
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:39:20, on 12/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\csrss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Messenger Plus! 3\MsgPlus.exe
    D:\WINDOWS\system32\LVCOMSX.EXE
    D:\Program Files\Logitech\Video\LogiTray.exe
    D:\WINDOWS\SOUNDMAN.EXE
    D:\Program Files\QuickTime\QTTask.exe
    D:\WINDOWS\Logi_MwX.Exe
    D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bwgo0000bff4.exe
    D:\Program Files\Logitech\Video\FxSvr2.exe
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Executive Software\Diskeeper\DkService.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\wdfmgr.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnnine.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old"
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [Configuration de la C-BOX] D:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [LogitechSoftwareUpdate] "D:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
    O4 - HKUS\S-1-5-21-1757981266-1532298954-839522115-500\..\RunOnce: [SpybotDeletingB5637] command /c del "D:\WINDOWS\system32\winsrc.dll_old" (User '?')
    O4 - S-1-5-21-1757981266-1532298954-839522115-500 Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe (User '?')
    O4 - Startup: Contrôle du volume (2).lnk = D:\WINDOWS\system32\sndvol32.exe
    O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Analyser avec LeechGet - file://D:\Program Files\LeechGet 2004\\Parser.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://D:\Program Files\LeechGet 2004\\Wizard.html
    O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://D:\Program Files\LeechGet 2004\\AddUrl.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Program Files\ma-config.com\maconfservice.exe
    0
  9. Utilisateur anonyme
     
    ok réouvre hijackthis
    fai scan oly
    coches ces lignes :

    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"

    O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe

    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

    O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart

    tu les coches et tu clic sur fix checked

    ensuite :

    telecharge Ccleaner :

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    instal le sans la barre yahoo

    fais lancer le nettoyage

    repete l opération jusqu a ce qu il trouve rien

    ensuite fais registre

    fais chercher les erreures

    ensuite fais corriger les erreures

    repete l opération jusqu a ce qu il trouve rien

    ensuite :

    Telecharge reg cleaner pour nettoyer le registre:

    http://manuelsdaide.com/RegCleaner/RegCleaner.htm
    ________________

    ouvre le et clic sur TOOL

    Choisi registry cleanup

    clic sur automatic registry cleaner

    laisse scanner et supprime tout

    ensuite :

    * pour supprimer les outils/fix utilisés :

    Télécharge ToolsCleaner sur ton bureau.
    -->
    http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe
    http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    ensuite lance une dfragmentation avec diskeeper

    de plus ouvre la commande executer
    tape msconfig
    va sur demarrage
    fais la liste des programmes qui s y trouve
    0
    1. francoise77
       
      salut me revoila apres une semaine de conges et au niveau du PC c'est la cata
      Tout d'abord comme demande voici la liste de demarrage

      NeroCheck
      MsgPlus
      DkIcon
      LVCOMSX
      ISStart
      LogiTray
      SOUNDMAN
      avgnt
      cli
      QuickAccess
      ManifestEngine
      TeaTimer
      LogitechDesktopMe....
      msnmsgr
      Logitech Desktop M

      De plus j'ai maintenant des ecrans bleus a repetition avec les messages suivants
      DRIVER_IRQL_NOT_LESS_OR_EQUAL
      STOP 0x000000D1(0x00000008,0x00000002,0x00000000,0xF7313dDEF)
      NDIS_SYS_ADRESS F7313BEF base at F72FD000,DateStamp 41107ec 3


      a bientot
      0
  10. Utilisateur anonyme
     
    salut

    decohe ça :

    NeroCheck
    MsgPlus
    LogiTray
    LogitechDesktopMe....

    Logitech Desktop M
    et clic sur aplliquer

    pour les ecran bleu a quel moment ça te le fais ?? as tu installer un logicile recemment ??
    0