Se connecter avec
S'enregistrer | Connectez-vous

[RESOLU]virusbusrter win machinchose 2006, trojan-gen pakes-EO BHO-R .

Dernière réponse : dans Sécurité

bjr,
j'ai, on va dire quelques petits soucis...
je suis "infecté" par virusburster, win machin chose 2006 (presenté comme un antivirus) s'ouvre avec IE toutes les 5 min, et avast détecte des trojans qui doivent etre lié a cela je suppose(trojan-gen, pakes-EO, BHO-R, et j'en oublie peut etre...
merci si quelqu'un pouvait m'aider, ce serai tres gentil a lui

j'ai lu quelques posts, et tous dise de faire une analyse avec hijackthis et de la posté ici donc voila....

Citation :
Logfile of HijackThis v1.99.1
Scan saved at 11:28:45, on 17/11/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\isnotify.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\Panneau de contrôle ATI\atiptaxx.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\{0064BA17-096B-1036-0819-020206260021}\Update.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\?icrosoft\w?auboot.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Baptiste\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {15C05846-9AA7-8335-8089-C66935DA8694} - C:\WINDOWS\System32\rzlqhh.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Cccs] "C:\WINDOWS\System32\MANTEC~1\cmd.exe" -vt yazb
O4 - HKCU\..\Run: [Qlhybnju] C:\WINDOWS\system32\?icrosoft\w?auboot.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: cussers - {ff170564-36c8-43f7-9100-559e166405cf} - C:\WINDOWS\System32\cfltygd.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Autres pages sur : resolu virusbusrter win machinchose 2006 trojan gen pakes bho

Lassé par la pub ? Créez un compte

Bonjour,

La procédure est longue et en partie en mode sans échec. Attention, tu n'as pas accès à Internet dans ce mode, enregistre cette page Web (clique sur fichier/enregistrer sous/choisis « Bureau ») ou imprime ce que tu as à faire et fait tout bien dans l'ordre.

1/ Télécharge SmitfraudFix de S!Ri :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

Tu le dézippes sur le Bureau.

2/ Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1

Poste le rapport.

3/ Redémarre en mode Sans Échec
(au démarrage, tapote immédiatement la touche F8), puis tu verras un écran avec choix de démarrages :
choisis Mode sans échec avec les flèches du clavier, puis valide avec Entrée.
Choisis ton compte usuel (et non Administrateur).

Si tu n’arrives vraiment pas à redémarrer en mode sans échec je te propose ce lien :

Redémarrer en mode sans échec

4/ Relances SmitfraudFix et choisis cette fois l’option 2 et réponds oui à tout.

Redémarres normalement et communiques le deuxième rapport de SmitfraudFix

5/ • Télécharge combofix.exe (par sUBs) sur ton Bureau

http://download.bleepingcomputer.com/sUBs/combofix.exe

• Double clique combofix.exe et suis les invites.
• Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

6/ Télécharge Blacklight (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

Tu peux consulter le tutorial de F-Secure BlackLight : (merci à Malekal)

http://www.malekal.com/tutorial_f-secure_BlackLight.htm...

7/ Renomme HijackThis en Scanner.exe (clic droit sur le fichier HijackThis et choisis renommer).
Ensuite, lance le (double clic sur Scanner.exe ensuite tu l’exécutes) appuie sur Do a system scan a save a logfile, le bloc note va alors s’ouvrir, tu copies et tu colles le rapport ici dans ta prochaine réponse.

voici le rapport de smitfraudfix

Citation :
SmitFraudFix v2.122

Rapport fait à 15:27:52,64, 17/11/2006
Executé à partir de C:\Documents and Settings\Baptiste\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\cfltygd.dll PRESENT !
C:\WINDOWS\system32\ismini.exe PRESENT !
C:\WINDOWS\system32\isnotify.exe PRESENT !
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\ts.ico PRESENT !
C:\WINDOWS\system32\components\flx?.dll PRESENT !
C:\WINDOWS\system32\components\flx??.dll PRESENT !
C:\WINDOWS\system32\components\flx???.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Baptiste


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Baptiste\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Baptiste\Favoris

C:\DOCUME~1\Baptiste\Favoris\Antivirus Test Online.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{ff170564-36c8-43f7-9100-559e166405cf}"="cussers"

[HKEY_CLASSES_ROOT\CLSID\{ff170564-36c8-43f7-9100-559e166405cf}\InProcServer32]
@="C:\WINDOWS\System32\cfltygd.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ff170564-36c8-43f7-9100-559e166405cf}\InProcServer32]
@="C:\WINDOWS\System32\cfltygd.dll"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

deuxieme rapport de smitfraudfix

Citation :
SmitFraudFix v2.122

Rapport fait à 15:34:37,71, 17/11/2006
Executé à partir de C:\Documents and Settings\Baptiste\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{ff170564-36c8-43f7-9100-559e166405cf}"="cussers"

[HKEY_CLASSES_ROOT\CLSID\{ff170564-36c8-43f7-9100-559e166405cf}\InProcServer32]
@="C:\WINDOWS\System32\cfltygd.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ff170564-36c8-43f7-9100-559e166405cf}\InProcServer32]
@="C:\WINDOWS\System32\cfltygd.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\System32\cfltygd.dll -> Hoax.Win32.Renos.gen.i
C:\WINDOWS\System32\cfltygd.dll -> Deleted


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\ismini.exe supprimé
C:\WINDOWS\system32\isnotify.exe supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\ts.ico supprimé
C:\WINDOWS\system32\components\flx?.dll supprimé
C:\DOCUME~1\Baptiste\Favoris\Antivirus Test Online.url supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

combofix


Citation :
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Baptiste\Bureau"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\components
C:\Program Files\Fichiers communs\{0064BA17-096B-1036-0819-020206260021}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\WINDOWS\system32\ICROSO~1
C:\QooBox\Purity\WINDOWS\system32\MANTEC~1
C:\QooBox\Purity\WINDOWS\system32\ICROSO~1\w?auboot.exe
C:\QooBox\Purity\WINDOWS\system32\MANTEC~1\cmd.exe
C:\QooBox\Purity\WINDOWS\system32\MANTEC~1\??mantec


((((((((((((((((((((((((((((((( Files Created from 2006-10-17 to 2006-11-17 ))))))))))))))))))))))))))))))))))


2006-11-17 15:27 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-11-17 15:27 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-11-17 15:27 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-11-17 15:27 2,108 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-17 15:27 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-11-17 11:08 615,757 ---hs---- C:\WINDOWS\system32\ttutv.bak2
2006-11-16 19:21 692,276 ---hs---- C:\WINDOWS\system32\vtutt.dll
2006-11-16 19:21 587,680 ---hs---- C:\WINDOWS\system32\ttutv.bak1
2006-11-16 19:21 126,996 --a------ C:\WINDOWS\system32\ipdoejeo.dll
2006-11-16 19:21 110,612 --a------ C:\WINDOWS\system32\uhlflrhc.exe
2006-11-16 19:13 2 --a------ C:\WINDOWS\system32\wapisvtr.exe
2006-11-16 19:12 40,973 ---hs---- C:\WINDOWS\system32\tuvtstq.dll
2006-11-16 19:12 15,872 --a------ C:\WINDOWS\system32\winzoa32.dll
2006-11-16 19:06 42,920 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2006-11-16 19:03 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-11-16 19:03 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-11-16 19:03 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-11-16 19:03 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-11-16 19:03 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-11-16 19:03 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-11-16 19:03 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-11-16 19:00 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
2006-11-16 19:00 6,048 --a------ C:\WINDOWS\system32\MCC16.dll
2006-11-16 18:35 663,552 --a------ C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll
2006-11-16 18:35 532,594 --a------ C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll
2006-11-16 18:35 524,377 --a------ C:\WINDOWS\system32\stlport_4_0_0_DDR.dll
2006-11-16 18:35 307,329 --a------ C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll
2006-11-16 18:35 159,744 --a------ C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll
2006-11-16 17:27 5,888 -ra------ C:\WINDOWS\system32\drivers\siside.sys
2006-11-16 17:27 45,568 -ra------ C:\WINDOWS\system32\drivers\R8139n51.sys
2006-11-16 17:27 28,160 -ra------ C:\WINDOWS\system32\drivers\SISAGP.SYS
2006-11-16 17:27 19,072 -ra------ C:\WINDOWS\system32\drivers\usbehci.sys
2006-11-16 16:48 81,920 --a------ C:\WINDOWS\system32\W32n50.dll
2006-11-16 16:48 17,162 --a------ C:\WINDOWS\system32\Pcandis5.sys
2006-11-16 16:48 16,848 --a------ C:\WINDOWS\system32\Pcandis4.sys
2006-11-16 16:47 306,688 --a------ C:\WINDOWS\IsUninst.exe
2006-11-12 21:35 73,728 --a------ C:\WINDOWS\system32\LVUI2RC.dll
2006-11-12 21:35 69,632 --a------ C:\WINDOWS\system32\lvcoinst.dll
2006-11-12 21:35 66,560 --a------ C:\WINDOWS\system32\drivers\lvcam2.dll
2006-11-12 21:35 57,344 --a------ C:\WINDOWS\system32\LVComC.dll
2006-11-12 21:35 414,720 --a------ C:\WINDOWS\system32\drivers\lvcodek2.dll
2006-11-12 21:35 39,936 --a------ C:\WINDOWS\system32\drivers\lvcd.sys
2006-11-12 21:35 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2006-11-12 21:35 167,936 --a------ C:\WINDOWS\system32\lvcodec2.dll
2006-11-12 21:35 12,112 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2006-11-12 21:35 110,592 --a------ C:\WINDOWS\system32\LVUI2.dll
2006-11-12 21:35 102,400 --a------ C:\WINDOWS\system32\LVComS.exe
2006-11-12 21:34 81,920 -r------- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2006-11-12 21:13 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2006-11-12 21:13 63,695 --a------ C:\WINDOWS\system32\drivers\atinrvxx.sys
2006-11-12 21:13 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-11-12 21:13 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll
2006-11-12 21:13 11,631 --a------ C:\WINDOWS\system32\drivers\atinmdxx.sys
2006-11-09 17:16 667,543 -ra------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2006-11-09 17:16 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-11-06 18:07 81,728 -ra------ C:\WINDOWS\system32\drivers\k750mgmt.sys
2006-11-06 18:07 6,144 -ra------ C:\WINDOWS\system32\drivers\k750cmnt.sys
2006-11-06 18:07 6,144 -ra------ C:\WINDOWS\system32\drivers\k750cm.sys
2006-11-06 18:07 21,760 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-11-06 18:06 89,872 -ra------ C:\WINDOWS\system32\drivers\k750mdm.sys
2006-11-06 18:06 79,488 -ra------ C:\WINDOWS\system32\drivers\k750obex.sys
2006-11-06 18:06 6,576 -ra------ C:\WINDOWS\system32\drivers\k750mdfl.sys
2006-11-06 18:06 55,216 -ra------ C:\WINDOWS\system32\drivers\k750bus.sys
2006-11-06 18:06 5,744 -ra------ C:\WINDOWS\system32\drivers\k750whnt.sys
2006-11-06 18:06 5,744 -ra------ C:\WINDOWS\system32\drivers\k750wh.sys
2006-11-06 18:03 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-11-06 18:03 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-11-06 18:03 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-11-06 18:03 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-11-06 18:03 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-11-06 18:03 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-11-06 18:03 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-11-06 18:03 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-11-06 18:03 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
2006-11-06 18:03 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-11-06 18:03 723,968 --a------ C:\WINDOWS\system32\dpnet.dll
2006-11-06 18:03 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-11-06 18:03 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-11-06 18:03 667,648 --a------ C:\WINDOWS\system32\dinput8.dll
2006-11-06 18:03 648,704 --a------ C:\WINDOWS\system32\dinput.dll
2006-11-06 18:03 64,512 --a------ C:\WINDOWS\system32\amstream.dll
2006-11-06 18:03 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-11-06 18:03 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-11-06 18:03 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-11-06 18:03 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-11-06 18:03 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-11-06 18:03 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-11-06 18:03 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-11-06 18:03 470,528 --a------ C:\WINDOWS\system32\qdvd.dll
2006-11-06 18:03 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-11-06 18:03 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe
2006-11-06 18:03 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-11-06 18:03 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-06 18:03 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-11-06 18:03 381,952 --a------ C:\WINDOWS\system32\dsound.dll
2006-11-06 18:03 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-11-06 18:03 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-11-06 18:03 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-11-06 18:03 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
2006-11-06 18:03 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-11-06 18:03 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-11-06 18:03 316,928 --a------ C:\WINDOWS\system32\qdv.dll
2006-11-06 18:03 31,744 --a------ C:\WINDOWS\system32\pid.dll
2006-11-06 18:03 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-11-06 18:03 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-11-06 18:03 292,864 --a------ C:\WINDOWS\system32\ddraw.dll
2006-11-06 18:03 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-11-06 18:03 27,136 --a------ C:\WINDOWS\system32\dmband.dll
2006-11-06 18:03 257,024 --a------ C:\WINDOWS\system32\qcap.dll
2006-11-06 18:03 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-11-06 18:03 230,400 --a------ C:\WINDOWS\system32\dplayx.dll
2006-11-06 18:03 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-11-06 18:03 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-11-06 18:03 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2006-11-06 18:03 18,944 --a------ C:\WINDOWS\system32\encapi.dll
2006-11-06 18:03 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-11-06 18:03 18,432 --a------ C:\WINDOWS\system32\dswave.dll
2006-11-06 18:03 173,056 --a------ C:\WINDOWS\system32\qasf.dll
2006-11-06 18:03 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
2006-11-06 18:03 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-11-06 18:03 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-11-06 18:03 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-11-06 18:03 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-11-06 18:03 132,608 --a------ C:\WINDOWS\system32\devenum.dll
2006-11-06 18:03 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-11-06 18:03 13,312 --a------ C:\WINDOWS\system32\msdmo.dll
2006-11-06 18:03 122,880 --a------ C:\WINDOWS\system32\dmusic.dll
2006-11-06 18:03 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-11-06 18:03 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-11-06 18:03 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-11-06 18:03 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-11-06 18:03 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-11-06 18:03 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
2006-11-06 18:03 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll
2006-11-06 18:03 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-11-06 18:03 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll
2006-11-06 18:03 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-11-06 18:03 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-11-06 18:03 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll
2006-11-06 18:03 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-11-06 14:19 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE
2006-11-06 14:13 48,000 --a------ C:\WINDOWS\system32\drivers\OVCam2.sys
2006-11-06 14:13 44,544 --a------ C:\WINDOWS\system32\OVUI2.dll
2006-11-06 14:13 42,496 --a------ C:\WINDOWS\system32\OVUI2RC.dll
2006-11-06 14:13 39,424 --a------ C:\WINDOWS\system32\OVComS.exe
2006-11-06 14:13 351,616 --a------ C:\WINDOWS\system32\drivers\OVCodek2.sys
2006-11-06 14:13 28,032 --a------ C:\WINDOWS\system32\drivers\OVCD.sys
2006-11-06 14:13 20,480 --a------ C:\WINDOWS\system32\OVComC.dll
2006-11-06 14:13 116,736 --a------ C:\WINDOWS\system32\OVCodec2.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-17 16:06 -------- d-------- C:\Program Files\Fichiers communs
2006-11-17 15:39 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-17 12:13 -------- d-------- C:\Program Files\QuickTime
2006-11-17 12:10 -------- d-------- C:\Program Files\Apple Software Update
2006-11-16 20:30 -------- d-------- C:\Program Files\ESTsoft
2006-11-16 20:30 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\ESTsoft
2006-11-16 20:12 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\vlc
2006-11-16 19:59 -------- d---s---- C:\Documents and Settings\Baptiste\Application Data\Microsoft
2006-11-16 19:58 -------- d-------- C:\Program Files\MSN Messenger
2006-11-16 19:58 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-16 19:27 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\Mozilla
2006-11-16 19:21 -------- d-------- C:\Program Files\VSAdd-in
2006-11-16 19:21 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\SearchToolbarCorp
2006-11-16 19:05 -------- d-------- C:\Program Files\Zone Labs
2006-11-16 19:03 -------- d-------- C:\Program Files\Alwil Software
2006-11-16 19:02 -------- d-------- C:\Program Files\Club-Internet
2006-11-16 19:02 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\Macromedia
2006-11-16 18:35 -------- d-------- C:\Program Files\Motive
2006-11-16 18:35 -------- d-------- C:\Program Files\BroadJump
2006-11-16 16:48 -------- d-------- C:\Program Files\Fichiers communs\Motive
2006-11-16 16:47 -------- d-------- C:\Program Files\Common Files
2006-11-12 21:48 -------- d-------- C:\Program Files\Microsoft AutoRoute
2006-11-12 21:47 -------- d-------- C:\Program Files\Microsoft Office
2006-11-12 21:46 -------- d-------- C:\Program Files\Microsoft Works
2006-11-12 21:44 -------- d-------- C:\Program Files\Microsoft Works Suite 2002
2006-11-12 21:42 -------- d-------- C:\Program Files\Fichiers communs\Real
2006-11-12 21:35 -------- d-------- C:\Program Files\Logitech
2006-11-12 21:35 -------- d-------- C:\Program Files\Fichiers communs\Logitech
2006-11-12 21:35 -------- d-------- C:\Program Files\Fichiers communs\FotoWire
2006-11-12 21:35 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\FotoWire
2006-11-12 21:34 -------- d-------- C:\Program Files\Windows Media Components
2006-11-12 21:34 -------- d-------- C:\Program Files\directx
2006-11-12 21:33 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-12 21:28 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\Help
2006-11-12 21:13 -------- d-------- C:\Program Files\ATI Technologies
2006-11-12 21:12 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-11-06 18:05 -------- d-------- C:\Program Files\Sony Ericsson
2006-11-06 18:05 -------- d-------- C:\Program Files\Fichiers communs\Teleca Shared
2006-11-06 18:05 -------- d-------- C:\Program Files\Common~1
2006-11-06 14:25 -------- d--h----- C:\Program Files\WindowsUpdate
2006-10-11 16:17 -------- d-------- C:\Program Files\Windows Media Player
2006-10-11 16:17 -------- d-------- C:\Program Files\Messenger
2006-10-11 16:16 -------- d-------- C:\Documents and Settings\Baptiste\Application Data\Identities
2006-10-11 16:08 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-07 21:44 -------- d-------- C:\Program Files\xerox
2006-10-07 21:44 -------- d-------- C:\Program Files\microsoft frontpage
2006-10-07 21:43 0 -rahs---- C:\MSDOS.SYS
2006-10-07 21:43 0 -rahs---- C:\IO.SYS
2006-10-07 21:43 0 --a------ C:\CONFIG.SYS
2006-10-07 21:43 0 --a------ C:\AUTOEXEC.BAT
2006-10-07 21:42 -------- d-------- C:\Program Files\Services en ligne
2006-10-07 21:42 -------- d-------- C:\Program Files\Movie Maker
2006-10-07 21:42 -------- d-------- C:\Program Files\Internet Explorer
2006-10-07 21:41 -------- d-------- C:\Program Files\Outlook Express
2006-10-07 21:41 -------- d-------- C:\Program Files\NetMeeting
2006-10-07 21:41 -------- d-------- C:\Program Files\Fichiers communs\System
2006-10-07 21:41 -------- d-------- C:\Program Files\Fichiers communs\Services
2006-10-07 21:41 -------- d-------- C:\Program Files\Fichiers communs\MSSoap
2006-10-07 21:41 -------- d-------- C:\Program Files\ComPlus Applications
2006-10-07 21:40 -------- d-------- C:\Program Files\Windows NT
2006-10-07 21:40 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-10-07 21:40 -------- d-------- C:\Program Files\MSN
2006-10-07 20:06 -------- d-------- C:\Program Files\Fichiers communs\SpeechEngines
2006-10-07 20:06 -------- d-------- C:\Program Files\Fichiers communs\ODBC
2006-10-07 20:05 62 --ahs---- C:\Documents and Settings\Baptiste\Application Data\desktop.ini


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"
"Cccs"="\"C:\\WINDOWS\\System32\\MANTEC~1\\cmd.exe\" -vt yazb"
"Qlhybnju"="C:\\WINDOWS\\system32\\?icrosoft\\w?auboot.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"ATIPTA"="atiptaxx.exe"
"LVCOMS"="C:\\Program Files\\Fichiers communs\\Logitech\\QCDriver\\LVCOMS.EXE"
"LogitechGalleryRepair"="C:\\Program Files\\Logitech\\ImageStudio\\ISStart.exe"
"LogitechImageStudioTray"="C:\\Program Files\\Logitech\\ImageStudio\\LogiTray.exe"
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
"Motive SmartBridge"="C:\\PROGRA~1\\CLUB-I~1\\LECOMP~1\\SMARTB~1\\MotiveSB.exe"
"StandardInstall"=""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtutt
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winzoa32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Completion time: 06-11-17 16:06:31.29
C:\ComboFix.txt ... 06-11-17 16:06

blacklight

Citation :
11/17/06 16:10:58 [Info]: BlackLight Engine 1.0.47 initialized
11/17/06 16:10:58 [Info]: OS: 5.1 build 2600 ()
11/17/06 16:10:58 [Note]: 7019 4
11/17/06 16:10:58 [Note]: 7005 0
11/17/06 16:11:01 [Note]: 7006 0
11/17/06 16:11:01 [Note]: 7011 1524
11/17/06 16:11:01 [Note]: 7026 0
11/17/06 16:11:01 [Note]: 7026 0
11/17/06 16:11:08 [Note]: FSRAW library version 1.7.1020

Bonjour,

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Une fois AVG AS lancé, clique sur "Mise à jour"
Ferme le programme.
AIDE : Tuto de Malekal

Redémarre en mode sans échec

Relance AVG AS puis choisis l'onglet "Analyse"
Puis l'onglet "Paramètres"
Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

/!\ Si un fichier est infecté en fin d'analyse /!\
Clique sur "Appliquer toutes les actions "

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement
Copie/Colle le rapport ici.

scanner.exe :
Citation :
Logfile of HijackThis v1.99.1
Scan saved at 00:17:08, on 20/11/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\Panneau de contrôle ATI\atiptaxx.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Baptiste\Bureau\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {15C05846-9AA7-8335-8089-C66935DA8694} - C:\WINDOWS\System32\rzlqhh.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O2 - BHO: (no name) - {9E8AFD1A-6BB3-409E-845F-3CFBDC902DC9} - C:\WINDOWS\System32\vtutt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Cccs] "C:\WINDOWS\System32\MANTEC~1\cmd.exe" -vt yazb
O4 - HKCU\..\Run: [Qlhybnju] C:\WINDOWS\system32\?icrosoft\w?auboot.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O18 - Protocol: bw+0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: vtutt - C:\WINDOWS\System32\vtutt.dll
O20 - Winlogon Notify: winzoa32 - C:\WINDOWS\SYSTEM32\winzoa32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

avg anti-spyware:
Citation :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 09:44:17 20/11/2006

+ Résultat de l'analyse:



C:\Program Files\VSAdd-in\VSAdd-in.dll -> Adware.Agent : Nettoyé.
C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP17\A0009848.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP17\A0009849.exe -> Adware.Softomate : Nettoyé.
C:\WINDOWS\system32\tuvtstq.dll -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Purity\WINDOWS\system32\MANTEC~1\cmd.exe -> Downloader.PurityScan.dt : Nettoyé.
C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP17\A0009812.exe -> Downloader.Zlob.aes : Nettoyé.
C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP17\A0009810.dll -> Not-A-Virus.Hoax.Win32.Renos.ap : Nettoyé.
C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP17\A0009816.dll -> Not-A-Virus.Hoax.Win32.Renos.fa : Nettoyé.
:mozilla.103:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.117:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.93:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.89:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.16:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.27:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.66:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.13:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.87:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.11:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.15:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.17:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@goclick[2].txt -> TrackingCookie.Goclick : Nettoyé.
:mozilla.23:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.73:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.74:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.75:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.76:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.121:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.122:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.123:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.124:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.125:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.126:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.45:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.46:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.47:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.67:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.146:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Baptiste\Cookies\baptiste@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.114:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.115:C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.


Fin du rapport

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

    vundo:
    Citation :

    VundoFix V6.2.11

    Checking Java version...

    Sun Java not detected
    Scan started at 21:01:06 20/11/2006

    Listing files found while scanning....

    C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak2

    Beginning removal...

    Attempting to delete C:\WINDOWS\System32\vtutt.dll
    C:\WINDOWS\System32\vtutt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak2
    C:\WINDOWS\System32\ttutv.bak2 Has been deleted!

    Performing Repairs to the registry.
    Done!

    histjackthis!:
    Citation :
    Logfile of HijackThis v1.99.1
    Scan saved at 21:07:31, on 20/11/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\Panneau de contrôle ATI\atiptaxx.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Baptiste\Bureau\scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {15C05846-9AA7-8335-8089-C66935DA8694} - C:\WINDOWS\System32\rzlqhh.dll (file missing)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {2D0B6973-E9E8-4557-B4F5-0FB85370770B} - C:\WINDOWS\System32\vtutt.dll (file missing)
    O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Cccs] "C:\WINDOWS\System32\MANTEC~1\cmd.exe" -vt yazb
    O4 - HKCU\..\Run: [Qlhybnju] C:\WINDOWS\system32\?icrosoft\w?auboot.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O18 - Protocol: bw+0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: winzoa32 - C:\WINDOWS\SYSTEM32\winzoa32.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

  • Double-clique VundoFix.exe afin de le lancer
  • NE clique PAS sur le bouton Scan for Vundo
  • Clique Droit dans la fenêtre blanche, choisis Add more files ?
  • Rajoute dans la première ligne :
    C:\WINDOWS\SYSTEM32\winzoa32.dll
  • Clique successivement sur :
    - Add Files
    - Close Windows
    - Remove Vundo
  • Si l'outil te demande de redémarrer, accepte.
  • Copie/Colle ensuite le rapport C:\vundofix.txt

    vundo:
    Citation :

    VundoFix V6.2.11

    Checking Java version...

    Sun Java not detected
    Scan started at 21:01:06 20/11/2006

    Listing files found while scanning....

    C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak2

    Beginning removal...

    Attempting to delete C:\WINDOWS\System32\vtutt.dll
    C:\WINDOWS\System32\vtutt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak2
    C:\WINDOWS\System32\ttutv.bak2 Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\SYSTEM32\winzoa32.dll
    C:\WINDOWS\SYSTEM32\winzoa32.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    et bien ca a fiat un gros boulot deja! je n'ia plus l'air des problemes...fausse impression, ou nettoyage fini réellement?
    merci beaucoup

    ps: des que j'ai confirmation de votre part, je met résolu...
    juste une petite question "zonealarm pro"+"avast" suffisant pour ma sécurité ou alors vous me conseiller autres choses?
    j'utilise egalement "ccleaner" afin de nettoyer un peu...
    faut t'il que je garde avg anti-spyware et que j'active sa protection residente? ou alors j'en prends un autre...ou rien d'autres dutout!

    merci encore

    histjackthis!:
    Citation :
    Logfile of HijackThis v1.99.1
    Scan saved at 20:10:13, on 21/11/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Documents and Settings\Baptiste\Bureau\scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {15C05846-9AA7-8335-8089-C66935DA8694} - (no file)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {2D0B6973-E9E8-4557-B4F5-0FB85370770B} - (no file)
    O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {74DD705D-6834-439C-A735-A6DBE2677452} - (no file)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O18 - Protocol: bw+0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



    oki merci

    Re,

    - Lance Hijackthis ->Do a system scan only
    ->Coche les lignes ci-dessous :

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {15C05846-9AA7-8335-8089-C66935DA8694} - (no file)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {2D0B6973-E9E8-4557-B4F5-0FB85370770B} - (no file)
    O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - (no file)
    O3 - Toolbar: (no name) - {74DD705D-6834-439C-A735-A6DBE2677452} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    Clique sur Fix checked (en bas à gauche)

    rapport kapersky:
    Citation :
    KASPERSKY ON-LINE SCANNER REPORT
    Wednesday, November 22, 2006 1:01:15 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 22/11/2006
    Enregistrements dans la base antivirus Kaspersky : 230039
    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai
    Cible de l'analyse Poste de travail
    A:\
    C:\
    D:\
    E:\
    Statistiques de l'analyse
    Total d'objets analysés 26368
    Nombre de virus trouvés 2
    Nombre d'objets infectés 3 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 00:28:47

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\cert8.db L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\formhistory.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\history.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\key3.db L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\parent.lock L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\search.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\Logs\Dfsr.log L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\pending.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\Working\database_4600_64C1_64_BA17\dfsr.db L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\Working\database_4600_64C1_64_BA17\fsr.log L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\Working\database_4600_64C1_64_BA17\fsrtmp.log L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Messenger\baptiste44@hotmail.com\SharingMetadata\Working\database_4600_64C1_64_BA17\tmp.edb L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Windows Live Contacts\baptiste44@hotmail.com\real\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Microsoft\Windows Live Contacts\baptiste44@hotmail.com\shadow\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Application Data\Mozilla\Firefox\Profiles\g0rfb6b3.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Historique\History.IE5\MSHist012006112220061123\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temp\~DF4A25.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temp\~DF782.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temp\~DF894.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temp\~DFB82B.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temp\~DFB83D.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\Baptiste\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
    C:\Program Files\Club-Internet\Le Compagnon Club\log\mpbtn.log L'objet est verrouillé ignoré
    C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\AlertFilter.log L'objet est verrouillé ignoré
    C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\log\httpclient.log L'objet est verrouillé ignoré
    C:\Program Files\Club-Internet\Le Compagnon Club\SmartBridge\SmartBridge.log L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\BWDocMap.pht L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\chandir.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\chandir.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\chn.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\chn.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\D0000000.FCS L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\inuse.txt L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\L0000002.FCS L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\main.log L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_die.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_die.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_dnd.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_dnd.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_ext.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_ext.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_rcv.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\prs_rcv.idx L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\storydb.dat L'objet est verrouillé ignoré
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Baptiste\Data\storydb.idx L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP34\A0012927.dll Infecté : Packed.Win32.Klone.g ignoré
    C:\System Volume Information\_restore{F54FAFEF-67FF-4CA5-BA59-25EDCC8CDC31}\RP36\change.log L'objet est verrouillé ignoré
    C:\VundoFix Backups\winzoa32.dll .bad Infecté : Packed.Win32.Klone.g ignoré
    C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\Internet Logs\FUJITSU.ldb L'objet est verrouillé ignoré
    C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré
    C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré
    C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré
    C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\EventCache\{56E54F4A-435E-4841-B0F3-4145D8B22757}.bin L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\WINDOWS\system32\ipdoejeo.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\Perflib_Perfdata_5ac.dat L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\ZLT0403c.TMP L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\ZLT05ba2.TMP L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
    Analyse terminée.

    histjackthis!
    Citation :
    Logfile of HijackThis v1.99.1
    Scan saved at 13:18:08, on 22/11/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Baptiste\Bureau\scanner.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O18 - Protocol: bw+0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Re,

  • Double-clique VundoFix.exe afin de le lancer
  • NE clique PAS sur le bouton Scan for Vundo
  • Clique Droit dans la fenêtre blanche, choisis Add more files ?
  • Rajoute dans la première ligne :
    C:\WINDOWS\system32\ipdoejeo.dll
  • Clique successivement sur :
    - Add Files
    - Close Windows
    - Remove Vundo
  • Si l'outil te demande de redémarrer, accepte.
  • Copie/Colle ensuite le rapport C:\vundofix.txt

    Déscative puis réactive la restauration du système.

    Citation :

    VundoFix V6.2.11

    Checking Java version...

    Sun Java not detected
    Scan started at 21:01:06 20/11/2006

    Listing files found while scanning....

    C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak2

    Beginning removal...

    Attempting to delete C:\WINDOWS\System32\vtutt.dll
    C:\WINDOWS\System32\vtutt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.ini
    C:\WINDOWS\System32\ttutv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak1
    C:\WINDOWS\System32\ttutv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\System32\ttutv.bak2
    C:\WINDOWS\System32\ttutv.bak2 Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\SYSTEM32\winzoa32.dll
    C:\WINDOWS\SYSTEM32\winzoa32.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ipdoejeo.dll
    C:\WINDOWS\system32\ipdoejeo.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Citation :
    Logfile of HijackThis v1.99.1
    Scan saved at 18:29:57, on 23/11/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\utorrent\utorrent.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\SpeedSim\SpeedSim.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Baptiste\Bureau\scanner.exe.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O18 - Protocol: bw+0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {3C654938-6DA2-4A60-A461-908CB59BE6EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    j'ai le meme probleme (critical system errors),
    merci d'avance,voici le rapport hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 18:45:50, on 23/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system\driver\csrss.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Menara\dslmon.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\DOCUME~1\ADMINI~1.001\LOCALS~1\Temp\Rar$EX00.828\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Menara
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: 62.189.6.78 _sip._tls.sip1.callserve.com
    O1 - Hosts: 62.189.6.78 _sip._ssl.sip1.callserve.com
    O1 - Hosts: 62.189.6.79 _sip._tls.sip2.callserve.com
    O1 - Hosts: 62.189.6.79 _sip._ssl.sip2.callserve.com
    O1 - Hosts: 62.189.6.85 _sip._tls.sip5.phoneserve.com
    O1 - Hosts: 62.189.6.85 _sip._ssl.sip5.phoneserve.com
    O1 - Hosts: 62.189.6.86 _sip._tls.sip6.phoneserve.com
    O1 - Hosts: 62.189.6.86 _sip._ssl.sip6.phoneserve.com
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: GigagetIEHelper Class - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\MSN Messenger\htc.8.1.0106.00.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
    O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
    O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://60.33.165.138:5080/kxhcm10.ocx
    O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://webcam.datainstituttet.no/activex/AMC.cab
    O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} (BL_Camera) - http://67.154.21.186:8002/bl_camera.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C8457B15-296B-4230-8029-278C8E21455B}: NameServer = 212.217.0.3 196.217.246.210
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O21 - SSODL: gaonic - {f31aee4a-1530-4fef-8537-79c6973bff9a} - (no file)
    O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - C:\WINDOWS\system32\dcvwaah.dll
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - d:\MATLAB7\webserver\bin\win32\matlabserver.exe
    O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
    O23 - Service: NTLOAD - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe
    O23 - Service: NTSVCMGR - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    et bien pareil alors...merci beaucoup

    Citation :
    et bien ca a fiat un gros boulot deja! je n'ia plus l'air des problemes...fausse impression, ou nettoyage fini réellement?
    merci beaucoup

    ps: des que j'ai confirmation de votre part, je met résolu...
    juste une petite question "zonealarm pro"+"avast" suffisant pour ma sécurité ou alors vous me conseiller autres choses?
    j'utilise egalement "ccleaner" afin de nettoyer un peu...
    faut t'il que je garde avg anti-spyware et que j'active sa protection residente? ou alors j'en prends un autre...ou rien d'autres dutout!

    merci encore

    Lassé par la pub ? Créez un compte

    Créer un nouveau sujet

    Tom's guide dans le monde