Hello everyone, I have been infected by Blackworm for two days and I can't take it anymore (well, it's the Firefox browser that tells me so); ads keep popping up everywhere, or else it's infection messages about Blackworm or even something else...
I just ran a scan with HijackThis and here is the report:
Logfile of HijackThis v1.99.1
Scan saved at 16:09:52, on 28/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\outlook\outlook.exe
C:\windows\mousepad5.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\dcu.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\Reminder.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Windows\services32.exe
C:\Documents and Settings\User\Bureau\hijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: XBTB04715 - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard5.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad5.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname5.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe" /min
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - HKCU\..\Run: [services32] C:\Program Files\Fichiers communs\Windows\mc-110-12-0000140.exe
O4 - Startup: dcu.lnk = ?
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
O4 - Startup: reminder.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5697140150
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFF6F4D6-5C50-4633-A949-D54B984EE345}: NameServer = 130.244.127.161 130.244.127.169
O18 - Protocol: bw+0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: IPConfTSP - C:\WINDOWS\system32\lv6m09j1e.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\dXNlcg\command.exe (file missing)
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Well, there you go. I'm a graphic designer and a computer guy at heart; if someone could help me, that would be great.
Thanks in advance :-D
Oh yes, one last thing: all these problems started after I installed something that supposedly allowed Shareaza to run several downloads at the same time, given that I have Windows Service Pack 2 (a real piece of junk, by the way). Thanks
Hello
A nice infection brought by the new Qoologic.
Please print these instructions, or paste them into a text file so you can read them in Safe Mode.
Download Brute Force Uninstaller (by Merijn).
Create a new folder directly on C:\ and name it BFU. Unzip the downloaded file into this new folder (C:\BFU).
RIGHT-CLICK HERE and choose "Save Target As..." to download EGDACCESS.bfu (by Metallica). Save it in the folder you created (C:\BFU). Note: if you use Internet Explorer, make sure when saving that the "Type:" field shows "All files". You must now have two files in the C:\BFU folder: EGDACCESS.bfu and BFU.exe (very important).
Restart in Safe Mode: at restart, immediately tap the F8 key repeatedly; you will see a screen with startup options appear. Using the arrow keys, choose "Safe Mode" and confirm with "Enter". Choose your usual account, not Administrator.
Start the "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder).
Under Scriptline to execute, copy/paste this line:
c:\bfu\EGDACCESS.bfu
Click Execute and let it do its work.
Wait for Complete script execution to appear and click OK.
Click Exit to close the BFU program.
Next.
Download Look2Me-Destroyer.exe (by Atribune) to your Desktop.
* Close all active windows before moving on to the next step.
* Double-click Look2Me-Destroyer.exe to launch the tool.
* Check Run this program as a task
* A message will appear, telling you this: "Look2Me-Destroyer will close and re-open in approximately 1 minute". Click OK
* It will relaunch after the minute; then click the Scan for L2M button. The icons on your Desktop will disappear: this is normal.
* When the scan finishes, click the Remove L2M button
* A Done Scanning message will appear; click OK.
* A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
* Your PC will now shut down.
* Start your PC normally.
* Paste the generated report (Look2Me-Destroyer.txt), located on the Desktop, along with a new HijackThis report in your next reply.
#If Look2Me-Destroyer does not relaunch automatically after the minute, restart and try again.
Thanks, I'll do that, except I can't find Brute Force... :s but anyway I'll find it, and then I'll post a HijackThis report for you
Thanks again
Hi again
Indeed, it brings you back to IDN?
Another link
http://www.merijn.org/files/bfu.zip
After these steps it should be a bit better, but there will still be some left.
Say, is it normal that when I save the link target I get a redirect.php file instead of EGDACCESS.bfu?
It's fine, I managed to find it elsewhere; I suppose that will work just as well
I'm booting into Safe Mode
Uh
What's going on with IDN?
Why don't the links work anymore?
Go to this Google page. Right-click the first link, Metallica's site, and continue the procedure.
http://www.google.fr/search?hl=fr& [...] ogle&meta=
OK, there, I ran the procedure in Safe Mode,
as you told me; now I still have to download Look2Me. I'll look on the web because, as you say, apparently things are broken on IDN
Thanks again for following up with me like this
Careful, Look2Me Destroyer.
There is also L2mfix, which does the same thing, but in two passes.
Say, I found this here in this forum, it's OK, right? (a little further down there's a link to the program in question) It's just that I don't want to do something stupid, even if I'm perhaps asking a bit too much
http://forum.telecharger.01net.com [...] ges-1.html :-P
Yes, it's the same one.
There is just a slight difference in the procedure between the 01net one and mine, because the utility has just changed. But the link is the same.
Uh ....
I just replied to you, but the message appears above at 17:31.
I don't understand anything anymore.
I just posted three replies to you, but they go back in time to 17:31, 17:33, ....
I don't understand anything anymore.
OK, here's what came out of it
first the HijackThis one:
Logfile of HijackThis v1.99.1
Scan saved at 19:08:44, on 28/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\outlook\outlook.exe
C:\windows\mousepad6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\dcu.exe
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\Reminder.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Bureau\hijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: XBTB04715 - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard6.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad6.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname6.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - Startup: dcu.lnk = ?
O4 - Startup: reminder.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5697140150
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFF6F4D6-5C50-4633-A949-D54B984EE345}: NameServer = 130.244.127.161 130.244.127.169
O18 - Protocol: bw+0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
And here is the one from Look2Me:
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 28/03/2006 18:29:15
Infected! C:\WINDOWS\system32\qaery.dll
Infected! C:\WINDOWS\system32\g8040idqe80e0.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188403.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188413.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188421.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188595.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188610.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188639.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188640.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189736.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189746.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190739.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190834.dll
Infected! C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190838.dll
Infected! C:\WINDOWS\system32\byzip.dll
Infected! C:\WINDOWS\system32\i060lajm1doa.dll
Infected! C:\WINDOWS\system32\idmontr.dll
Infected! C:\WINDOWS\system32\ir8sl5l71.dll
Infected! C:\WINDOWS\system32\n84slih7184.dll
Infected! C:\WINDOWS\system32\nlrsfr.dll
Infected! C:\WINDOWS\system32\qaery.dll
Infected! C:\WINDOWS\system32\rUsadhlp.dll
Attempting to delete infected files...
Attempting to delete: C:\WINDOWS\system32\qaery.dll
C:\WINDOWS\system32\qaery.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188403.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188403.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188413.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188413.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188421.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188421.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188595.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188595.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188610.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP108\A0188610.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188639.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188639.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188640.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP109\A0188640.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189736.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189736.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189746.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0189746.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190739.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190739.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190834.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190834.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190838.dll
C:\System Volume Information\_restore{7347A693-DE2F-4351-ADE3-95CB3670107D}\RP110\A0190838.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\byzip.dll
C:\WINDOWS\system32\byzip.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\i060lajm1doa.dll
C:\WINDOWS\system32\i060lajm1doa.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\idmontr.dll
C:\WINDOWS\system32\idmontr.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\ir8sl5l71.dll
C:\WINDOWS\system32\ir8sl5l71.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\n84slih7184.dll
C:\WINDOWS\system32\n84slih7184.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\nlrsfr.dll
C:\WINDOWS\system32\nlrsfr.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\qaery.dll
C:\WINDOWS\system32\qaery.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\rUsadhlp.dll
C:\WINDOWS\system32\rUsadhlp.dll Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Syncmgr
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SharedDLLs
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{CACDD04C-B5DE-4431-98F7-0D7E07829BD7}"
HKCR\Clsid\{CACDD04C-B5DE-4431-98F7-0D7E07829BD7}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{6DC2F33E-3CAA-460A-AF71-C49B12F31EC1}"
HKCR\Clsid\{6DC2F33E-3CAA-460A-AF71-C49B12F31EC1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{E71ED9A1-F0AF-417B-8F1B-0D31DDDF6B58}"
HKCR\Clsid\{E71ED9A1-F0AF-417B-8F1B-0D31DDDF6B58}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrateurs - Succeeded
There you go, thanks in advance for the next steps.
A little cleanup
Install Ewido
During installation, uncheck the two boxes.
Launch Ewido, then update it.
Run a complete system scan.
Save the report, then paste it.
Let's continue.
1 Download
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it in a dedicated directory.
Ewido
http://www.ewido.net/fr/download/
Install it and update it.
RIGHT-CLICK HERE and choose "Save Target As..." to download Alcanshorty.bfu (by Metallica). Save it in the folder you created (C:\BFU). Note: if you use Internet Explorer, make sure when saving that the "Type:" field shows "All Files". You should now have two files in the C:\BFU folder: Alcanshorty.bfu and BFU.exe.
If the link is still broken, go to this Google page and right-click the first link.
http://www.google.fr/search?hl=fr& [...] cher&meta=
2 Restart in Safe Mode: on reboot, immediately tap the F8 key repeatedly; you will see a screen with startup options appear. Using the arrow keys, choose "Safe Mode" and confirm with "Enter". Choose your usual account, not Administrator.
3 Run the cleanup with CCleaner.
4 Start the "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)
Under Scriptline to execute, copy/paste this line:
c:\bfu\Alcanshorty.bfu
Click Execute and let it do its work.
Wait for Complete script execution to appear and click OK.
Click Exit to close the BFU program.
5 Launch Ewido.
Run a scan in complete mode.
Save the report.
6 Restart normally and post a new HijackThis log along with the Ewido report.
OK, thanks a lot, it has already just found an infected file
Well, for the moment, my PC is still running a scan with Ewido...
But I'm carrying on with your steps and, as from the start, I can't manage to target your links; here I'm having trouble finding Alcanshorty.bfu ...
Would you have another link, please? Thanks
Oops, sorry, I hadn't seen your link... :s
Ahhh, finally, it took a long time to scan!
Here is the HijackThis report now:
Logfile of HijackThis v1.99.1
Scan saved at 21:43:14, on 28/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\Reminder.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Bureau\hijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XBTB04715 Class - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - Startup: dcu.lnk = ?
O4 - Startup: reminder.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5697140150
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFF6F4D6-5C50-4633-A949-D54B984EE345}: NameServer = 130.244.127.161 130.244.127.169
O18 - Protocol: bw+0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
And the ewido one:
Logfile of HijackThis v1.99.1
Scan saved at 21:43:14, on 28/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\Reminder.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Bureau\hijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XBTB04715 Class - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - Startup: dcu.lnk = ?
O4 - Startup: reminder.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5697140150
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFF6F4D6-5C50-4633-A949-D54B984EE345}: NameServer = 130.244.127.161 130.244.127.169
O18 - Protocol: bw+0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
There you go, thanks again.
Hi again,
That's already better, but a few more corrections are still needed.
You posted HijackThis twice, but not the Ewido report. :-o
I'll be back with the next steps.
Oops, I must have slipped up with the Ctrl+C, lol. Here's the ewido one:
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 21:38:25, 28/03/2006
+ Somme de contrôle: 162430A3
+ Résultats du scan:
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 HQ AntuKecik zip.zip/Setup.exe -> Worm.VB.dw : Erreur durant le nettoyage
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 M7 zip.zip/Setup.exe -> Worm.VB.dw : Erreur durant le nettoyage
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Browse categories.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bubba the Love Sponge 03-23-06 on Howard 101 ( Howard Stern ).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Candy Candy S1 e27-40 torrent.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\DBZ Movies Complete.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\dcp 3-23-06.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Dirty Limited XViD DVDRiP-DEiTY[www evolutiontt org].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Dr Dolittle 3 2006 DVDRip XviD-NEPTUNE[www evolutiontt org].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Ebooks - Casé en une semaine FRENCH.pdf.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Enr1X Wallpaper Pack.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\ER S12E17 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Everybody Hates Chris S01E17 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Far Cry Instincts Evolution XBOX-Allstars.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Far Cry Instincts Evolution XBOX-Allstars[www evolutiontt org].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Far Cry Instincts Evolution XBOX-Allstars{www el-torrent com}.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Flaubert, Gustave - Dictionnaire Des Idees Recues [Par TariLenwe ebook fr francais].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Floorfillers Club Classics 3cds + COVERS WORKS FINE!.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\FRENCH Revolver DVDRip Ajouté par FunT.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\GraceParkCylonBabefromBS2105790 Demonoid.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern On Demand - Best of Week 2-27 thru 3-3.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern On Demand - Valentina Vaughn On The Sybian.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern On Demand - Wack Pack Revelations.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern Show 03 22 06.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern Show 03-23-06 24k.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Howard Stern Show 03-23-06 64k.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Indiana Jones and the Fate of Atlantis.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Indiana Jones Thunder in the Orient.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\IRC chat.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Jesse Jane Solo Pictures rar.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\John Petrucci - Suspended Animation [Progressive Metal] [2005] (256Kbps).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\John Wiley and Sons MPLS Enabled Applications Emerging Developments and New Technologies Oct 2005 eB.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Le Monde PDF 24 03 06 zip.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Lunar Anime - Script Archive.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Manuale Photoshop 9 CS2 - Italiano.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Mark Knopfler - Wolftrap 2005 [Rock][2006][www pctrecords com].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Massive Attack - Collected - 2CD [Alternative][2006][www pctrecords com].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Mathematica 5 - Linux AND Windows (ISO).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\My Name Is Earl - My Name is Earl S01E19 HDTV XviD-LOL [eztv][VTV].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Naruto ch300 LQ woush zip.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Nero 7.0.8.2 Working.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\No1 DVD Ripper 2.5.0.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Norton Subscription Extension.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Oblivion FullDVD French rar.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Oblivion The Elder Scrolls 4 FRENCH.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Opie & Anthony 03-23-06 (JB-64kCF) mp3.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Outrun 2006 Coast 2 Coast Xbox Pal-RiOT.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Outrun 2006 Coast 2 Coast Xbox Pal-RiOT{www el-torrent com}.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Playboy March 2006 - LAUGHINGOUT TK.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Prison Break - Prison Break S01E15 iNTERNAL DVDSCR XviD-iND.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Privacy policy.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\RealNetworks Helix Server Unlimited v11.0.2.2358.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Romanzo Criminale FRENCH DVDSCR REPACK 1CD XviD-COBRA.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Saint Jacques La Mecque FRENCH DVDRip XviD-LOST ALLTEAM.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Scientific American 1993-1999 - PDF.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Search Cloud.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\sexy pantyhose pictures.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Show all of today →.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Smokey Robinson And The Miracles-The Ultimate Collection(Darkside RG).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Speed Fan 4.28.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Spyware doctor 3.5.1.498.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Stillwater 2005 DVDRip XViD-TWiST [www descargasweb net].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Street Riders EUR Multi5 PSP [WwW LiMiTeDiVx CoM].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Street Riders EUR Multi5 PSP-SUSHi-BC.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\That 70s Show S08E14 PDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Batman & Superman Movie DVDRip KVCD by PJ(TUS Release).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The BitTorrent Song.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Black Eyed Peas-Renegotiations-The Remixes-2006 [WwW LiMiTeDiVx CoM] By KELOLO zip.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Daily Show 03.23.06 (DSRip-LOKI)[VTV].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Elder Scrolls IV Oblivion Manual Disc High Quality-TEDOX.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Family Man S01E01 WS PDTV XviD-GOTHiC [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Holographic Universe - Michael Talbot [Interviews and Workshop].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Loop S01E03 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The O C S03E18 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The O.C. 3x18 (HDTV-LOL)[VTV].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\The Worlds Fastest Indian LiMiTED DVDRip XviD-DoNE[www evolutiontt org].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Tom and Jerry Collection [DivX].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Top 100 Billboard [04-01-2006][ Charts][Vol 1][@224].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\TV Shows.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Ulead VideoStudio 10 Plus-DVT TeamExtream rar.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Upload a torrent.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\V For Vendetta CAM SVCD-PreVail.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Wes Craven's Prince Of Darkness [DVD-XviD-mp3] avi.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Will And Grace S08E17 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\WinHex 12 85 SR7.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Wolf Creek Unrated XViD DVDRiP-DEiTY[www evolutiontt org].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Worms EUR PSP [WwW LiMiTeDiVx CoM].zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[Howard Stern] Wrap-Up Show 64k (03-23-06).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[LIME] Fighting Beauty Wulong 02 avi.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[Raw-Manga] Naruto 300(lq).zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[Spanish Newspaper] El Pais PDF 24 03 2006.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[Yoroshiku] Ergo Proxy 03 (1280x720) (H264-AAC5 1) [FFA954D2] mkv.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Downloads\Shared\[Yoroshiku] Ergo Proxy 04 [8E7CC625] avi.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Mes fichiers reçus\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyer et sauvegarder
C:\Documents and Settings\User\Mes documents\Mes fichiers reçus\MsgPlus-221.exe/70000011.exe -> Downloader.Swizzor.g : Nettoyer et sauvegarder
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\WHCC2.exe/whAgent.exe -> Adware.WebHancer : Nettoyer et sauvegarder
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
D:\Benjamin\docs\Mes fichiers reçus\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyer et sauvegarder
D:\Benjamin\docs\Mes fichiers reçus\MsgPlus-221.exe/70000011.exe -> Downloader.Swizzor.g : Nettoyer et sauvegarder
::Fin du rapport
I see that I got 2 cleaning errors for worms at the start :-o I hope I won't have to wait another 2 hours to run the scan all over again :-s
Hi,
try manually deleting the files that were not removed.
See you later
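The triage behind this advice, as an added example (not part of the thread and not ewido's own tooling): it parses the report, splits each object into the file on disk and the member inside it, and lists the files whose cleanup failed and therefore need manual removal. It assumes the line layout seen in the report above (`<file>[/<member>] -> <signature> : <action>`) and that an action beginning with "Erreur" marks a failed cleanup; the function names are hypothetical and the sample lines are copied from that report.

```python
import ntpath
import re
from collections import Counter
from typing import Dict, List, NamedTuple, Optional

# Sample lines copied from the ewido report posted above (header/footer included
# to show that non-finding lines are skipped).
SAMPLE = r"""
+ Résultats du scan:
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 HQ AntuKecik zip.zip/Setup.exe -> Worm.VB.dw : Erreur durant le nettoyage
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 M7 zip.zip/Setup.exe -> Worm.VB.dw : Erreur durant le nettoyage
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Browse categories.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Nettoyer et sauvegarder
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
::Fin du rapport
"""

# Layout inferred from the report (assumption): the greedy first group makes the
# LAST " -> " on the line the separator, so arrows inside file names are tolerated.
LINE_RE = re.compile(r"^(?P<obj>[A-Za-z]:\\.+) -> (?P<sig>\S+) : (?P<action>.+)$")


class Finding(NamedTuple):
    container: str          # file that exists on disk (archive, installer, or plain file)
    member: Optional[str]   # object inside the container, None for a plain file
    signature: str
    action: str


def parse_report(text: str) -> List[Finding]:
    """Return one Finding per result line; headers and footers are ignored."""
    findings = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        # "/" cannot occur in a Windows file name, so the first one marks
        # where the on-disk path ends and the in-archive member begins.
        container, sep, member = match.group("obj").partition("/")
        findings.append(Finding(container, member if sep else None,
                                match.group("sig"), match.group("action").strip()))
    return findings


def failed_cleanups(findings: List[Finding]) -> List[str]:
    """On-disk files the scanner reported it could not clean (manual removal candidates)."""
    return sorted({f.container for f in findings
                   if f.action.lower().startswith("erreur")})


def signature_counts(findings: List[Finding]) -> Counter:
    """Number of findings per detection name."""
    return Counter(f.signature for f in findings)


def containers_by_folder(findings: List[Finding], signature: str) -> Dict[str, int]:
    """Folder -> number of distinct infected containers for one signature.

    Collapses a long run of near-identical lines into the folders where the
    copies were found.
    """
    containers = {f.container for f in findings if f.signature == signature}
    return dict(Counter(ntpath.dirname(c) for c in containers))


if __name__ == "__main__":
    results = parse_report(SAMPLE)
    print("Detections:", dict(signature_counts(results)))
    print("Worm.VB.dw copies per folder:", containers_by_folder(results, "Worm.VB.dw"))
    print("Delete manually:")
    for path in failed_cleanups(results):
        print("  ", path)
```

Run against the full report, the per-folder count shows that nearly all Worm.VB.dw hits are archives in one shared download folder, each wrapping a `Setup.exe`.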
Hi again
1 Restart in Safe Mode. Note that you will not have internet access in this mode, so write down what you have to do.
2 Run a new HijackThis scan and check the lines below:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
O2 - BHO: XBTB04715 Class - {A8B0BDED-64A5-495b-97DA-42C0301E229B} - C:\PROGRA~1\TOOLBA~1\TOOLBA~1.DLL (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Toolbar888\ToolBar888.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: bw+0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4143989C-E0D7-4B23-84F8-B8169417910B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Close all Windows, Internet Explorer and Outlook windows, leaving only HijackThis open, and click "Fix checked".
3 Make sure you have access to all files.
Start, My Computer or any other folder, Tools menu, Folder Options, View tab:
Check the box: Show hidden files and folders
Uncheck the box: Hide extensions for known file types
Uncheck the box: Hide protected operating system files
Then Apply
4 Click Start, then Run, type services.msc and click OK.
In the list of services, find and select
"Network Monitor" / double-click the line
/ check under Path to executable that it is
indeed "C:\Program Files\Network Monitor\netmon.exe" / under Startup type,
select Disabled / confirm the change.
5 Uninstall these applications (if you find them) in Add or Remove Programs:
Network Monitor
Error Safe Free
outlook
6 Delete the offending files/folders (if they still exist):
C:\Program Files\Network Monitor
C:\Program Files\Error Safe Free
C:\Program Files\outlook
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 HQ AntuKecik zip
C:\Documents and Settings\User\Mes documents\Downloads\Shared\Bleach ch220 M7 zip
7 Run a cleanup with CCleaner.
Hide the system files again to avoid mistakes in the future, by selecting the option not to show hidden files or system files.
8 Restart normally and post a new HijackThis log.
And to answer your question from earlier, yes, it was indeed Look2Me destroyer that I ran... :-)
Well, I'll have a look, yes, it may be easier :-)
There we go, I did everything you told me, and this is what HijackThis gives:
Logfile of HijackThis v1.99.1
Scan saved at 22:43:35, on 28/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Documents and Settings\User\Bureau\hijackThis\HijackThis.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\system32\wscntfy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5697140150
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Well, it seems to me that it's slowly going down, but once again it's for you to judge...
I wanted to add that I didn't find Error Safe Free (maybe I had already removed it earlier while looking through Add or Remove Programs, because I had done a little cleanup), and as for Network Monitor, it wouldn't let me remove it through Add or Remove Programs, so I only managed to delete the folder in Program Files (which was empty)
Well, there you go, many thanks again :-D
Yes, that's better, HijackThis is clean :-D
We'll finish with an online scan at Panda
http://www.pandasoftware.com/activ [...] ncipal.htm
Paste its report here.
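Added example (not part of the thread): a short Python triage of HijackThis entries like those in the log posted above. It groups lines by section code and lists the Run-key entries whose command has no full path and the services shown with "Unknown owner", two kinds of line a reviewer verifies by hand. The function names are this example's own; the sample lines are copied from the log above.

```python
import re
from collections import defaultdict

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
RUN = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\\w+: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
SERVICE = re.compile(r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+)$")
ABSOLUTE = re.compile(r'^"?[A-Za-z]:\\')

# Subset of the lines in the HijackThis log posted above.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
"""

def parse(log):
    """Group entry bodies by HijackThis section code (R0, O2, O4, O23, ...)."""
    by_code = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            by_code[m["code"]].append(m["body"])
    return by_code

def autoruns(by_code):
    """Return (hive, name, command) for each O4 Run-key entry."""
    hits = (RUN.match(body) for body in by_code.get("O4", []))
    return [(m["hive"], m["name"], m["cmd"]) for m in hits if m]

def relative_autoruns(by_code):
    """Names of Run entries whose command does not start with a full path."""
    return [name for _, name, cmd in autoruns(by_code) if not ABSOLUTE.match(cmd)]

def unknown_owner_services(by_code):
    """Names of O23 services that the log lists with 'Unknown owner'."""
    hits = (SERVICE.match(body) for body in by_code.get("O23", []))
    return [m["name"] for m in hits if m and m["owner"] == "Unknown owner"]

if __name__ == "__main__":
    entries = parse(SAMPLE)
    print("sections:", sorted(entries))
    print("relative autoruns:", relative_autoruns(entries))
    print("unknown-owner services:", unknown_owner_services(entries))
```

A flagged line is a prompt to verify the file on disk, not a verdict on it.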
OK, but I'm going to bed now; I started the scan anyway, and if it's quick I'll post it.
Just one last question: is it normal that Panda won't scan my PC from Firefox...?
Either way, good night, see you tomorrow, and many thanks for your help
:-D
Yes, that's normal, because it needs an ActiveX control that only works with Internet Explorer.
OK thanks, just one last question while it's scanning: I had Kaspersky as my antivirus, I say "had" because the licence expired 35 days ago... :s but I can't really afford to pay for a new licence (being a student :-D ). Could you point me to something practical and capable as an antivirus that would be free (or almost ;-) )? lol
A completely free antivirus and firewall :-D
- 1 (and only 1) well-configured firewall, free
for example ZoneAlarm
http://www.zonelabs.com/
and its tutorial
http://speedweb1.free.fr/frames2.php?page=tuto1
- 1 (and only 1) resident antivirus, well configured and updated regularly (daily if need be), with a regular full scan (daily if need be), free
for example AVAST Home Edition FREE
http://www.avast.com/eng/down_home.html
with mandatory registration
http://www.avast.com/i_kat_207.php?lang=ENG
and its tutorial
http://www.pcentraide.com/index.php?showtopic=120
Then remove Kaspersky.
Scan with Avast, which may still clean some things up for you.
And look at my signature: the best protection is you. So be more careful with downloads ;-)
Thanks a lot for all this information; tomorrow, I promise, all of this will be up to date :-D
Otherwise, well, yes, you're quite right about downloads, I'm careful with them, but as I said, I think my problem came from the fact that I downloaded some junk that supposedly let Windows (with Service Pack 2) break the limit on the number of simultaneous downloads, which let me have Shareaza running 10 times faster...
But at what cost (I think the time I've just spent on my PC was enough for me to understand :-( )
Maybe you can advise me on that too: is Shareaza good or not (if not, what do you suggest instead?)
Thanks again
A very big thank-you to you, "chercheur du PCA", you really got me out of the "m"; everything is spotless now, as far as browsing goes at least. I didn't have the patience to wait for the end of the Panda scan yesterday; I'm starting it now so I can still post the result for you. I've installed ZoneAlarm and Avast, so now the PC is perfectly protected (at least I hope so)
In any case, if I ever have a similar problem one day, I'll send you a PM :-D
Good evening
To protect yourself a bit more, a little reading ;-)
Minimum protection:
- system kept fully up to date for critical-category items, Service Packs and Service Releases
http://update.microsoft.com
- 1 (and only 1) well-configured firewall, free
for example ZoneAlarm
http://www.zonelabs.com/
and its tutorial
http://speedweb1.free.fr/frames2.php?page=tuto1
- 1 (and only 1) resident antivirus, well configured and updated regularly (daily if need be), with a regular full scan (daily if need be), free
for example AVAST Home Edition FREE
http://www.avast.com/eng/down_home.html
with mandatory registration
http://www.avast.com/i_kat_207.php?lang=ENG
and its tutorial
http://www.pcentraide.com/index.php?showtopic=120
- free anti-trojan run periodically, for example A2
http://www.emsisoft.net/fr/
by downloading it
Registration is required to receive updates
- free antispyware/anti-adware tools run periodically, for example Ad-Aware SE Personal
http://www.lavasoftusa.com/default.shtml.fr
tutorial
http://home.tiscali.be/schouppeguy/adawarese/adawase.htm
and Spybot Search and Destroy
http://www.safer-networking.org/fr/home/index.html
tutorial
http://assiste.free.fr/p/frameset/07_spybot_search_destroy.php
- Protect yourself from harmful ActiveX controls with SpywareBlaster
http://www.javacoolsoftware.com/downloads.html
tutorial
http://www.ordi-netfr.org/tutorialspywareblaster.php
- careful behaviour when browsing (no dubious sites: cracks, warez, sex...) and with e-mail (attachments scanned before being opened)
- a vigilant attitude towards malfunctions of your system.
- weekly system maintenance (deleting unneeded files, cleaning the registry, scandisk, defrag)
All these programs fully updated before each use.
For more details, I recommend reading the web page "Lutte AntiMalware -prévention"
http://gerard.melone.free.fr/IT/IT-AM0.html
Spread the word about prevention around you!!
Thanks for all that, I already had a few of your programs, but there are others, very interesting ones, that I didn't know about
Sorry for replying so late, I was away for a week :-?
Anyway, I'll pass this on to those around me, but most of the people I've already recommended this to take me for an antivirus nut :-P
Have a nice day
