UnSpypc et Toolbar, comment les retirer ????

vasi envoi le raport hijack

fais péter le rapport ;-)

OLIVETMYSTIC , je te laisse laider,
je dois ya aller
bonne chance

Merci de la réponse rapide, c'est génial !
je ne m'y connais pas du tout en info mais,
Voici le rapport :


Logfile of HijackThis v1.99.1
Scan saved at 12:37:50, on 21/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Windows TaskAd\WinTaskAd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Windows TaskAd\WinSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\HiJack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {20453710-29F8-421B-187E-55F4BF492C3D} - EXE32EXE.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\system32\tfnoa.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\system32\tfnoa.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [backorif] qwe.exe
O4 - HKLM\..\Run: [XTermInit] Kargo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [UnSpyPC] C:\Program Files\UnSpyPC\UnSpyPC.exe
O4 - HKCU\..\Run: [keybdll] BoundRec.exe
O4 - HKCU\..\Run: [RtlFindVal] srbho.exe
O4 - HKCU\..\Run: [scanSYS] systemdll.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D303413-B109-42E2-8271-D2B7FD04343B}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBEAADA6-217D-4CC5-8E88-B8DBA24FCD32}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF103A27-8024-4E6F-9BB2-2FF97F662241}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS1\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS2\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O18 - Protocol: bw+0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

re
alor tu coche ces lignes puis tu fait fix cheked:

C:\Program Files\Windows TaskAd\WinTaskAd.exe

C:\Program Files\Windows TaskAd\WinSched.exe

R3 - URLSearchHook: (no name) - {20453710-29F8-421B-187E-55F4BF492C3D} - EXE32EXE.dll (file missing)

O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\system32\tfnoa.dll
(C'est la toolbar ki soule)

O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\system32\tfnoa.dll

Voila ca devrait etre propre maintenant mais fait kanmeme un scan avec

ewido
et suprime tout ce kil trouve
Allez bonne chance!

ok je fais tout ça et je reposte un rapport :-)

ta reussi??

Apres le scan Ewido reposte un nouveau log HJT car il y a encore des choses à virer que ricileprogramatteur n'a pas vu !!

---------------------------------------------------------
Voilà le scan vient de se finir;
en tout cas, j'ai plus de Toolbar, :-D merci beaucoup !!!
il y a encore des choses à retirer ??



ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 13:40:31, 21/04/2006
+ Somme de contrôle: 5BF91982

+ Résultats du scan:

HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CLSID -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj\CurVer -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ToolBand.ToolBandObj.1 -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows TaskAd -> Adware.WinTaskAd : Nettoyer et sauvegarder
HKLM\SOFTWARE\Windows TaskAd -> Adware.WinTaskAd : Nettoyer et sauvegarder
[720] VM_00D60000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[744] VM_00BF0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[2044] VM_009D0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[924] VM_00880000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[176] VM_00390000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1032] VM_00890000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1156] VM_00880000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1232] VM_00890000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1364] VM_00A40000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1380] VM_00A20000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1528] VM_003A0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1576] VM_00930000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1624] VM_00E70000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1704] VM_009A0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1744] VM_003B0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[536] VM_00A50000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1460] VM_00870000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1416] VM_00890000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[428] VM_003E0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1308] VM_009C0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1408] VM_009E0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[908] VM_00AD0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1756] VM_00840000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[2180] VM_00A00000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[2648] VM_00840000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[3872] VM_008B0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
C:\Documents and Settings\Gérôme\Cookies\gérôme@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@as-us.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@centrport[1].txt -> TrackingCookie.Centrport : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-christiandior.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-nvidia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-sonyesolutions.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@estat[2].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@hotlog[1].txt -> TrackingCookie.Hotlog : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@media.fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@qksrv[2].txt -> TrackingCookie.Qksrv : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@targetnet[2].txt -> TrackingCookie.Targetnet : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@trafic[1].txt -> TrackingCookie.Trafic : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@yadro[1].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\HiJack\backups\backup-20060421-130103-314.dll -> Adware.SBSoft : Nettoyer et sauvegarder
C:\Program Files\Windows TaskAd -> Adware.WinTaskAd : Nettoyer et sauvegarder
C:\Program Files\Windows TaskAd\Info.txt -> Adware.WinTaskAd : Nettoyer et sauvegarder
C:\Program Files\Windows TaskAd\__delete_on_reboot__WinSched.exe -> Adware.WinTaskAd : Nettoyer et sauvegarder
C:\System Volume Information\_restore{359D3BAE-1BCB-4BDA-BC09-ACC3DD369E9E}\RP199\A0092203.exe -> Adware.WinAD : Nettoyer et sauvegarder
C:\System Volume Information\_restore{359D3BAE-1BCB-4BDA-BC09-ACC3DD369E9E}\RP199\A0092204.dll -> Adware.WinAD : Nettoyer et sauvegarder
C:\WINDOWS\system32\shell32.exe -> Adware.WinAD : Nettoyer et sauvegarder
C:\WINDOWS\system32\__delete_on_reboot__tfnoa.dll -> Adware.SBSoft : Nettoyer et sauvegarder


::Fin du rapport

Et voilà le rapport HiJack




Logfile of HijackThis v1.99.1
Scan saved at 13:44:00, on 21/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HiJack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [backorif] qwe.exe
O4 - HKLM\..\Run: [XTermInit] Kargo.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [UnSpyPC] C:\Program Files\UnSpyPC\UnSpyPC.exe
O4 - HKCU\..\Run: [keybdll] BoundRec.exe
O4 - HKCU\..\Run: [RtlFindVal] srbho.exe
O4 - HKCU\..\Run: [scanSYS] systemdll.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D303413-B109-42E2-8271-D2B7FD04343B}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBEAADA6-217D-4CC5-8E88-B8DBA24FCD32}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF103A27-8024-4E6F-9BB2-2FF97F662241}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS1\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS2\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O18 - Protocol: bw+0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

Re,

1/ Télécharge et installe CCleaner

http://www.clubic.com/telecharger-fiche14492-ccleaner-c...

Télécharge, installe et mets à jour ewido
Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".

http://www.infos-du-net.com/telecharger/Ewido-Security-...

2/ Redémarre en mode sans échec (Pour cela : démarrer le PC en tapotant sur la touche F8 du clavier jusqu'à ce que le menu des options avancées de Windows apparaisse puis avec les touches fléchées du clavier, sélectionner Mode sans échec puis appuyer sur la touche Entrée...)
Attention tu n'as pas accès à Internet dans ce mode donc note ou imprime les consignes qui suivent.

3/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [backorif] qwe.exe
O4 - HKLM\..\Run: [XTermInit] Kargo.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UnSpyPC] C:\Program Files\UnSpyPC\UnSpyPC.exe
O4 - HKCU\..\Run: [keybdll] BoundRec.exe
O4 - HKCU\..\Run: [RtlFindVal] srbho.exe
O4 - HKCU\..\Run: [scanSYS] systemdll.exe
O18 - Protocol: bw+0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {B152F5D4-275A-4B84-8516-97F9F704B345} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

4/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->coché
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché)

5/ ensuite supprime les fichiers et/ou dossiers suivants si présents :

qwe.exe <== fait une recherche sur ton PC
Kargo.exe <== fait une recherche sur ton PC
C:\Program Files\Windows TaskAd <== le dossier
C:\Program Files\UnSpyPC <== le dossier
BoundRec.exe <== fait une recherche sur ton PC
srbho.exe <== fait une recherche sur ton PC
systemdll.exe <== fait une recherche sur ton PC

6/ Lance CCleaner puis bouton Analyse ensuite Bouton Lancer le Nettoyage

7/ Redémarre normalement

8/ Télécharger haxfix.exe
et sauvegarde le sur le bureau.

http://www.infos-du-net.com/redirect.php?users.telenet....

Double cliquer sur haxfix.exe pour installer haxfix. (l'installation standard est c:\program Files\haxfix)

Cocher "Create a desktop icon"

Cliquer "Next"

Quand l'installation est terminée, s'assurer que "Launch HaxFix" est coché

Cliquer "Finish"

Une "fenêtre DOS" à fond rouge s'ouvre avec les options suivantes:
1. Make logfile (créer un rapport)
2. Run auto fix (lancer la réparation en mode automatique)
3. Run manual fix (lancer la réparation en mode manuel)
E. Exit Haxfix (quitter Haxfix)

Selectionner l'option 1. Make logfile en tapant 1 puis taper "Entrée"

Haxfix va analyser le système. Quand il a fini, un rapport s'ouvrira: haxlog.txt > (c:\haxlog.txt)

Colle ce rapport ici.

Ensuite.

Ouvrir le dossier C:\Program Files\haxfix et double-cliquer sur fix.bat
(ou double-cliquer sur l'icone du bureau fix.bat )

Fermer toutes les autres fenêtres, car Haxfix re-démarerra le système.

Selectionner l'option 2. Run auto fix en tapant 2 puis "Entrée"

si une infection est trouvée, Vous aurez un message demandant de fermer toutes les autres fenêtres ouvertes.

Fermer toutes les autres fenêtres sauf la fenêtre à fond rouge de haxfix puis taper "Entrée"

La machine sera re-démarrée

En fin de re-démarrage un rapport s'ouvrira > (c:\haxfix.txt)

Poster le contenu de ce rapport ainsi qu'un nouveau rapport HijackThis

eh bé, c'est bien long tout ça,

je vais enregistrer ta réponse sous word, pcq j'ai pas d'imprimante et c'est trop long à noter, je fais tout ça et je reviens dès que j'ai fini,

encore merci !!

voilà le 1er rapport de haxfix:

je continu ce que tu m'as dis de faire et je reposterai un autre rapport haxfix + un de HiJackThis:

HAXFIX logfile - by Marckie
--------------
version 2.31
21/04/2006 15:40:37,73

checking for ps.a3d....
ps.a3d not found

checking for p2s2.a3d....
p2s2.a3d not found

checking for matching notify keys....
no matching notify keys found

checking for matching services....
no matching services found

checking for matching safeboot services....
no matching safeboot services found

Haxfix n'ayant rien trouvé, il n'a pas redémarrer la machine, voilà le dernier rapport de HiJackThis:
j'espère qu'il est bon,

en tout cas, je suis contente de voir qu'il y a des personnes qui aident d'autres, merci ;-)


Logfile of HijackThis v1.99.1
Scan saved at 15:46:25, on 21/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\HiJack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D303413-B109-42E2-8271-D2B7FD04343B}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBEAADA6-217D-4CC5-8E88-B8DBA24FCD32}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF103A27-8024-4E6F-9BB2-2FF97F662241}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS1\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O17 - HKLM\System\CS2\Services\Tcpip\..\{110D20F2-B9E5-4E82-B644-3AFF51039441}: NameServer = 85.255.116.107,85.255.112.83
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

;-)

Re,

On finalise avec une analyse en ligne chez Kaspersky ou panda si Kaspersky ne fonctionne pas

Tu posterras le rapport ici

http://webscanner.kaspersky.fr/

http://www.pandasoftware.fr/Activescan/Activescan.html

kapersky? qu'est ce que c'est ?

j'ai encore une autre question
quand je lance une recherche sur google et que je clique sur un lien, je ne tombe pas toujours sur la bonne page ...

je procède en ce moment à une analyse en ligne avec panda et il me détecte pour l'instant 12 logiciels espions ...

Tu as une infection wareout.
Télécharge et lance Fixwareout.exe
Poste le rapport.
Ensuite fais à nouveau un scan avec ewido et poste le rapport.

Désolé

MDRR je lui ai fait telecharger haxfix.exe au lieu de Fixwareout.exe

Dur dur fin de semaine...

bon ben je télécharge fixwareout alors ...

et voilà ce que ça donne :



Check for missing files
.....
C:\WINDOWS\system32\AUTOEXEC.NT not there
.....
End check for missing files
.....
VXD Check
REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers]
"VDD"=hex(7):43,3a,5c,50,52,4f,47,52,41,7e,31,5c,53,79,6d,61,6e,74,65,63,5c,53,\
33,32,45,56,4e,54,31,2e,44,4c,4c,00,00
.....
End vxd check
.....
please post this at the forum

Re,

Peut tu poster le resultat de ton scan Panda ?

et voilà le rapport de ewido:
j'ai pas pu prendre celui de panda....



---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 18:30:31, 21/04/2006
+ Somme de contrôle: 2E00DD2D

+ Résultats du scan:

[724] VM_00D60000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[748] VM_00BF0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1764] VM_009D0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[176] VM_00880000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1144] VM_00890000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1156] VM_00880000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1220] VM_00890000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1288] VM_00A40000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1308] VM_00A20000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[884] VM_00930000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1720] VM_00E70000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1840] VM_009A0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
[1992] VM_003B0000 -> Downloader.Agent.uj : Erreur durant le nettoyage
C:\Documents and Settings\Gérôme\Cookies\gérôme@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Gérôme\Cookies\gérôme@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder


::Fin du rapport

bon je reviendrai demain, j'espère qu'il y aura une réponse :-D
bonne soirée à tous

bye

je viens à l'instant de me connecter au net, j'ai été sur google, j'ai fais "rechercher info du net", il m'a trouvé le lien mais une fois cliquer dessus, il m'a envoyer vers un site porno 4 fois de suite !!

aidez moi parce que là, ça m'énerve.... :-o

Bonjour,

Télécharge SpySweeper (de Webroot)

http://www.webroot.com/fr/products/spysweeper

Clique sur "Essayer".

Installe le programme. Une fois installé, il se lancera.

L'option de le mettre à jour s'affichera; clic Yes.

Lorsque les mises à jour seront installées, clic Options sur la gauche.

Clic sur l'onglet Sweep Options.

Sous What to Sweep, coche les options suivantes:

• Sweep Memory
  
• Sweep Registry
  
• Sweep Cookies
  
• Sweep All User Accounts
  
• Enable Direct Disk Sweeping
  
• Sweep Contents of Compressed Files
  
• Sweep for Rootkits
  
• DÉCOCHE Do not Sweep System Restore Folder.

Clic Sweep Now sur la gauche.

Clic sur Start.

Quand le scan est terminé, clic sur Next.

Assure-toi que tous les items sont cochés, puis clic sur Next.

Tous les items cochés seront éliminés.

Si Spy Sweeper veut redémarrer pour terminer le nettoyage : ACCEPTE.

Clic Session Log au haut - à droite, et copie tout ce qu'il y a dans la fenêtre.

Clic sur l'onglet Summary, puis clic sur Finish.

Colle le contenu du "Session Log" dans ta prochaine réponse et un nouveau rapport HijackThis.