Pubs pour des anti-virus envahissantes(Résolu)

Bonjour,

- Télécharge Hijackthis (de Merjin).
- Dézippe le dans un dossier ou sur ton bureau.

- Lance l'application.
- Choisis l'option "Do a system scan and save a logfile"
-- Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
- Colle le rapport ici.

AIDE : Tuto sur Hijackthis (Malekal)

Logfile of HijackThis v1.99.1
Scan saved at 16:20:54, on 28/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Inventel\Gateway\WLANCFG.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\s?mbols\?ttrib.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\Nouveau dossier\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MultiRes] C:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vqamipbu.dll",setvm
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

Pas de lignes 02 pas de 020 Winlogon....

- Clique-Droit sur Hijackthis.exe :
-> Choisis "Renommer"
-> Tape Scanner.exe puis valide
- Poste ensuite un nouveau rapport.

Logfile of HijackThis v1.99.1
Scan saved at 16:25:30, on 28/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Inventel\Gateway\WLANCFG.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\s?mbols\?ttrib.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\Nouveau dossier\Scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\xkevbfou.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9423CB04-29ED-253A-CFA3-2250D0FE25E2} - C:\WINDOWS\system32\gdkdhg.dll
O2 - BHO: (no name) - {A271813E-C562-49D6-ACAB-7022DE99E45F} - C:\WINDOWS\system32\mllml.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MultiRes] C:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vqamipbu.dll",setvm
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: mllml - C:\WINDOWS\system32\mllml.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

C'est bien du Vundo.

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

VundoFix V6.2.13

Checking Java version...

Java version is 1.4.2.3

Java version is 1.5.0.4

Java version is 1.5.0.5

Java version is 1.5.0.6

Java version is 1.5.0.8

Java version is 1.5.0.9

Scan started at 16:37:46 28/12/2006

Listing files found while scanning....

C:\WINDOWS\system32\mllml.dll
C:\WINDOWS\system32\lmllm.ini
C:\WINDOWS\system32\lmllm.bak1
C:\WINDOWS\system32\lmllm.bak2
C:\WINDOWS\system32\lmllm.ini2
C:\WINDOWS\system32\lmllm.tmp

Beginning removal...

Attempting to delete C:\WINDOWS\system32\mllml.dll
C:\WINDOWS\system32\mllml.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.ini
C:\WINDOWS\system32\lmllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.bak1
C:\WINDOWS\system32\lmllm.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.bak2
C:\WINDOWS\system32\lmllm.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.ini2
C:\WINDOWS\system32\lmllm.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\lmllm.tmp
C:\WINDOWS\system32\lmllm.tmp Has been deleted!

Performing Repairs to the registry.
Done!


Logfile of HijackThis v1.99.1
Scan saved at 16:58:07, on 28/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Inventel\Gateway\WLANCFG.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\Nouveau dossier\Scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\xkevbfou.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9423CB04-29ED-253A-CFA3-2250D0FE25E2} - C:\WINDOWS\system32\gdkdhg.dll
O2 - BHO: (no name) - {A271813E-C562-49D6-ACAB-7022DE99E45F} - C:\WINDOWS\system32\mllml.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MultiRes] C:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vqamipbu.dll",setvm
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

Re,

Télécharge combofix.exe (par sUBs) sur ton Bureau

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

HP_Propri‚taire - 06-12-28 17:08:31,48 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\HP_Propri‚taire\Bureau"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\components
C:\Program Files\Fichiers communs\{3805CE64-0D49-1036-0310-050502150021}
C:\Program Files\Fichiers communs\{E805CE64-0D49-1036-0310-050502150021}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\WINDOWS\SMBOLS~1
C:\QooBox\Purity\WINDOWS\SMBOLS~1\s?mbols


((((((((((((((((((((((((((((((( Files Created from 2006-11-28 to 2006-12-28 ))))))))))))))))))))))))))))))))))


2006-12-28 16:37 <REP> d-------- C:\VundoFix Backups
2006-12-28 15:24 88,340 --a------ C:\WINDOWS\system32\nxshirbc.exe
2006-12-28 14:08 88,340 --a------ C:\WINDOWS\system32\fpepnlli.exe
2006-12-28 02:25 88,340 --a------ C:\WINDOWS\system32\okpyycyi.exe
2006-12-28 02:25 44,060 --a------ C:\WINDOWS\system32\xkevbfou.dll
2006-12-27 18:06 88,340 --a------ C:\WINDOWS\system32\wgyvjfaf.exe
2006-12-27 18:06 81,684 --a------ C:\WINDOWS\system32\xjvtghnw.dll
2006-12-27 17:57 <REP> d-------- C:\Program Files\Windows Media Connect 2
2006-12-27 17:54 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-12-27 12:13 88,340 --a------ C:\WINDOWS\system32\ltdnyyvs.exe
2006-12-26 23:47 88,340 --a------ C:\WINDOWS\system32\vqqxkyow.exe
2006-12-26 13:15 88,340 --a------ C:\WINDOWS\system32\armtdbpw.exe
2006-12-25 12:27 88,340 --a------ C:\WINDOWS\system32\gjutgstc.exe
2006-12-25 03:30 88,340 --a------ C:\WINDOWS\system32\ubmitojq.exe
2006-12-24 10:53 88,340 --a------ C:\WINDOWS\system32\yhokqgbo.exe
2006-12-23 19:56 88,340 --a------ C:\WINDOWS\system32\wbyitrhh.exe
2006-12-23 19:38 33,890 --a------ C:\WINDOWS\system32\drivers\Capt905c.sys
2006-12-23 19:38 24,605 --a------ C:\WINDOWS\system32\drivers\Camd905c.sys
2006-12-23 19:31 88,340 --a------ C:\WINDOWS\system32\lguvskqj.exe
2006-12-23 15:57 88,340 --a------ C:\WINDOWS\system32\cltqagmy.exe
2006-12-23 01:22 88,340 --a------ C:\WINDOWS\system32\ggnllgvu.exe
2006-12-22 21:31 88,340 --a------ C:\WINDOWS\system32\jiawhtdb.exe
2006-12-22 00:13 88,340 --a------ C:\WINDOWS\system32\rjqijgqu.exe
2006-12-22 00:13 88,340 --a------ C:\WINDOWS\system32\ishuhavx.exe
2006-12-21 23:12 88,340 --a------ C:\WINDOWS\system32\ewnfbbml.exe
2006-12-21 23:11 88,340 --a------ C:\WINDOWS\system32\fiscyvlc.exe
2006-12-21 21:11 88,340 --a------ C:\WINDOWS\system32\tfgmowqj.exe
2006-12-21 21:10 88,340 --a------ C:\WINDOWS\system32\nwvajssa.exe
2006-12-21 21:09 88,340 --a------ C:\WINDOWS\system32\lciwmnkj.exe
2006-12-21 18:09 88,340 --a------ C:\WINDOWS\system32\ayovljkl.exe
2006-12-21 18:08 88,340 --a------ C:\WINDOWS\system32\pqobbeht.exe
2006-12-20 18:06 88,340 --a------ C:\WINDOWS\system32\nhyghlwm.exe
2006-12-19 18:01 88,340 --a------ C:\WINDOWS\system32\tkynjlev.exe
2006-12-18 18:18 88,340 --a------ C:\WINDOWS\system32\pskpleuq.exe
2006-12-17 14:01 88,340 --a------ C:\WINDOWS\system32\aclsrgyp.exe
2006-12-17 14:01 <REP> d-------- C:\Program Files\VSAdd-in
2006-12-17 01:41 88,340 --a------ C:\WINDOWS\system32\sidnvhqs.exe
2006-12-16 23:49 88,340 --a------ C:\WINDOWS\system32\bhmhmmgj.exe
2006-12-16 13:46 88,340 --a------ C:\WINDOWS\system32\mcpgorod.exe
2006-12-16 13:45 44,052 --a------ C:\WINDOWS\system32\tuxtixaa.dll
2006-12-15 22:38 88,340 --a------ C:\WINDOWS\system32\xndmgwas.exe
2006-12-15 22:37 88,340 --a------ C:\WINDOWS\system32\nhcmwrum.exe
2006-12-15 22:36 88,340 --a------ C:\WINDOWS\system32\agshvyca.exe
2006-12-15 19:35 88,340 --a------ C:\WINDOWS\system32\nvqmuflv.exe
2006-12-15 19:34 88,340 --a------ C:\WINDOWS\system32\fahujhqw.exe
2006-12-15 19:33 88,340 --a------ C:\WINDOWS\system32\kuaemptj.exe
2006-12-15 17:09 88,340 --a------ C:\WINDOWS\system32\rkfcssab.exe
2006-12-15 17:08 88,340 --a------ C:\WINDOWS\system32\kqwocnqu.exe
2006-12-15 17:06 88,340 --a------ C:\WINDOWS\system32\tokiwmwm.exe
2006-12-15 17:05 88,340 --a------ C:\WINDOWS\system32\iabiyvfa.exe
2006-12-15 01:00 88,340 --a------ C:\WINDOWS\system32\hqdqtybr.exe
2006-12-15 01:00 118,804 --a------ C:\WINDOWS\system32\vqamipbu.dll
2006-12-14 18:50 88,340 --a------ C:\WINDOWS\system32\jnkhpgup.exe
2006-12-14 07:04 88,340 --a------ C:\WINDOWS\system32\swwwhciq.exe
2006-12-13 19:57 88,340 --a------ C:\WINDOWS\system32\ghkiaxcv.exe
2006-12-13 19:56 88,340 --a------ C:\WINDOWS\system32\yepquyad.exe
2006-12-13 19:54 88,340 --a------ C:\WINDOWS\system32\vkuajcny.exe
2006-12-13 17:58 88,340 --a------ C:\WINDOWS\system32\ltwxgoup.exe
2006-12-13 17:57 88,340 --a------ C:\WINDOWS\system32\kcstcird.exe
2006-12-13 17:56 88,340 --a------ C:\WINDOWS\system32\qnyefuwk.exe
2006-12-13 14:56 88,340 --a------ C:\WINDOWS\system32\pgfalgiq.exe
2006-12-13 14:55 88,340 --a------ C:\WINDOWS\system32\kuyagosa.exe
2006-12-13 14:54 88,340 --a------ C:\WINDOWS\system32\guyvsqha.exe
2006-12-13 13:47 <REP> d-------- C:\WINDOWS\WBEM
2006-12-13 13:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
2006-12-13 13:46 <REP> d--h-c--- C:\WINDOWS\ie7
2006-12-13 13:38 88,340 --a------ C:\WINDOWS\system32\kqitgkjt.exe
2006-12-13 13:29 1,216,512 --a------ C:\Documents and Settings\HP_Propri‚taire\System.dll
2006-12-12 19:08 88,340 --a------ C:\WINDOWS\system32\reuojfqa.exe
2006-12-12 19:00 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Lavasoft
2006-12-12 18:55 78,336 --a------ C:\WINDOWS\system32\drivers\ssi.sys
2006-12-12 18:55 102,912 --a------ C:\WINDOWS\system32\islzma.dll
2006-12-12 18:54 <REP> d-------- C:\Program Files\Webroot
2006-12-12 18:54 <REP> d-------- C:\Program Files\SpywareBlaster
2006-12-12 18:54 <REP> d-------- C:\Program Files\Lavasoft
2006-12-12 18:54 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Webroot
2006-12-12 18:50 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2006-12-12 18:49 <REP> d-------- C:\Program Files\Hitman Pro
2006-12-12 18:10 88,340 --a------ C:\WINDOWS\system32\enwsnvyt.exe
2006-12-11 18:43 <REP> d-------- C:\Program Files\eMule
2006-12-11 18:14 <REP> d--h----- C:\Program Files\Fichiers communs\Uninstall Information
2006-12-11 18:13 88,340 --a------ C:\WINDOWS\system32\kkxqjedc.exe
2006-12-10 22:14 88,340 --a------ C:\WINDOWS\system32\wufgjigq.exe
2006-12-10 21:23 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2006-12-10 21:23 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2006-12-10 21:23 <REP> d-------- C:\WINDOWS\system32\AlertModule
2006-12-10 21:18 <REP> d-------- C:\Program Files\Inventel
2006-12-10 20:44 88,340 --a------ C:\WINDOWS\system32\xurblgdn.exe
2006-12-10 13:03 88,340 --a------ C:\WINDOWS\system32\upyptswv.exe
2006-12-10 02:30 88,340 --a------ C:\WINDOWS\system32\ffufjtwn.exe
2006-12-10 00:02 88,340 --a------ C:\WINDOWS\system32\omjyksxj.exe
2006-12-10 00:00 88,340 --a------ C:\WINDOWS\system32\yuljirut.exe
2006-12-09 20:55 88,340 --a------ C:\WINDOWS\system32\wgslaykp.exe
2006-12-09 20:39 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2006-12-09 20:39 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2006-12-09 20:11 88,340 --a------ C:\WINDOWS\system32\mysmifrw.exe
2006-12-09 20:11 88,340 --a------ C:\WINDOWS\system32\auoduqex.exe
2006-12-09 19:45 88,340 --a------ C:\WINDOWS\system32\qgqgmgoh.exe
2006-12-09 16:11 88,340 --a------ C:\WINDOWS\system32\yhuopraq.exe
2006-12-09 14:25 88,340 --a------ C:\WINDOWS\system32\bisblxsk.exe
2006-12-09 12:32 88,340 --a------ C:\WINDOWS\system32\clvdaydm.exe
2006-12-09 01:47 88,340 --a------ C:\WINDOWS\system32\aswqecew.exe
2006-12-07 20:58 88,340 --a------ C:\WINDOWS\system32\jvxkqjrr.exe
2006-12-07 20:55 88,340 --a------ C:\WINDOWS\system32\atlsnmus.exe
2006-12-07 20:52 88,340 --a------ C:\WINDOWS\system32\dmxavwnq.exe
2006-12-07 17:43 88,340 --a------ C:\WINDOWS\system32\opvfnjje.exe
2006-12-07 16:38 88,340 --a------ C:\WINDOWS\system32\kvwcnmlt.exe
2006-12-07 16:37 88,340 --a------ C:\WINDOWS\system32\fbagjboo.exe
2006-12-07 16:30 <REP> d-------- C:\Program Files\PeDevice
2006-12-06 21:51 88,340 --a------ C:\WINDOWS\system32\rmqmlxht.exe
2006-12-06 21:44 88,340 --a------ C:\WINDOWS\system32\tvphxqbg.exe
2006-12-06 21:42 88,340 --a------ C:\WINDOWS\system32\iepwdorl.exe
2006-12-06 21:19 88,340 --a------ C:\WINDOWS\system32\gvwqygea.exe
2006-12-06 18:56 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-06 18:55 <REP> d-------- C:\WINDOWS\network diagnostic
2006-12-05 22:32 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-12-05 22:32 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-12-05 22:32 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2006-12-05 22:32 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-12-05 22:32 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-12-05 22:32 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-12-05 22:32 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\SmitfraudFix
2006-12-05 22:05 61,584 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-12-05 22:05 59,536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-12-05 22:05 <REP> d-------- C:\Program Files\Kaspersky Lab
2006-12-05 21:25 34,308 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-12-05 21:19 88,340 --a------ C:\WINDOWS\system32\tcrkffmc.exe
2006-12-05 21:14 56,320 --a------ C:\WINDOWS\system32\gdkdhg.dll
2006-12-05 21:14 2 --a------ C:\WINDOWS\system32\wnsinttr.exe
2006-12-05 21:13 72,704 --a------ C:\WINDOWS\system32\drvcih.dll
2006-12-05 21:13 40,973 ---hs---- C:\WINDOWS\system32\xxyvvtr.dll
2006-11-29 20:07 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
2006-11-29 20:07 1,056,768 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2006-11-29 20:07 <REP> d-------- C:\WINDOWS\PreviewSoft
2006-11-29 19:58 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Ulead Systems
2006-11-29 19:57 <REP> d-------- C:\WINDOWS\Vbox
2006-11-29 19:57 <REP> d-------- C:\WINDOWS\Noslip
2006-11-29 19:57 <REP> d-------- C:\Program Files\Ulead Systems
2006-11-29 19:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-28 17:10 -------- d-------- C:\Program Files\Fichiers communs
2006-12-28 17:06 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-28 16:55 -------- d-------- C:\Program Files\Wanadoo
2006-12-28 16:19 23700 --a------ C:\Documents and Settings\HP_Propri‚taire\Application Data\wklnhst.dat
2006-12-28 02:13 359808 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS
2006-12-27 18:10 -------- d-------- C:\Program Files\Windows Media Player
2006-12-23 19:38 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-23 01:29 -------- d-------- C:\Program Files\MSN Messenger
2006-12-23 01:29 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-12-22 23:17 -------- d-------- C:\Program Files\World of Warcraft
2006-12-17 14:56 61448 --a------ C:\Documents and Settings\HP_Propri‚taire\Application Data\GDIPFONTCACHEV1.DAT
2006-12-13 19:41 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Microsoft
2006-12-13 13:50 -------- d-------- C:\Program Files\Internet Explorer
2006-12-13 13:48 -------- d-------- C:\Program Files\Outlook Express
2006-12-13 13:48 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-10 21:19 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-12-10 21:17 81920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-12-10 21:17 17134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2006-12-09 20:39 -------- d-------- C:\Program Files\TuneUp Utilities 2006
2006-12-07 16:40 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-06 21:19 1036288 --a------ C:\WINDOWS\explorer.exe
2006-11-29 20:05 -------- d-------- C:\Program Files\QuickTime
2006-11-25 19:28 -------- d-------- C:\Program Files\iTunes
2006-11-25 19:28 -------- d-------- C:\Program Files\iPod
2006-11-25 19:27 -------- d-------- C:\Program Files\Apple Software Update
2006-11-25 15:11 -------- d-------- C:\Program Files\WowCartographe
2006-11-25 13:48 -------- d-------- C:\Program Files\Google
2006-11-22 22:00 -------- d-------- C:\Program Files\Java
2006-11-19 05:22 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-17 19:37 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\AdobeUM
2006-11-15 15:44 18273 --a------ C:\WINDOWS\system32\drivers\klop.sys
2006-11-12 01:11 -------- d-------- C:\Program Files\JetAudio
2006-11-12 01:11 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\COWON
2006-11-12 01:10 -------- d-------- C:\Program Files\Fichiers communs\COWON
2006-11-12 00:39 -------- d-------- C:\Program Files\Fichiers communs\River Past
2006-11-12 00:39 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\River Past G4
2006-11-11 14:26 -------- d-------- C:\Program Files\Wanadoo Messager
2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 10:03 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:59 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:58 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:56 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-11-01 17:42 94314 --a------ C:\WINDOWS\system32\klogon.dll
2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-30 02:27 49152 --a------ C:\npbittorrent.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 16:05 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-09-28 16:05 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-09-28 16:04 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-09-28 16:03 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"WOOKIT"="C:\\PROGRA~1\\Wanadoo\\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM="
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\" /WinStart"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"Acme.PCHButton"="C:\\PROGRA~1\\HELPAN~1\\HPQ\\XPXWWPP5\\plugin\\bin\\PCHButton.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe"
"HPHUPD06"="c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"ATIPTA"="atiptaxx.exe"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"Alcmtr"="ALCMTR.EXE"
"LSBWatcher"="c:\\hp\\drivers\\hplsbwatcher\\lsburnwatcher.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"MultiRes"="C:\\Program Files\\MultiRes\\MultiRes.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
@=""
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
"DllRunning"="rundll32.exe \"C:\\WINDOWS\\system32\\vqamipbu.dll\",setvm"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\HPpromotions psc 2350 series.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

Completion time: 06-12-28 17:11:45.64
C:\ComboFix.txt ... 06-12-28 17:11

Re,

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.
Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.
Choisis par la suite l'analyse du Poste de travail
Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Configurer le contrôle des ActiveX

jveu pas analyser jveu le tuer!!!! jveu pas acheter jveu downloader lol

Je t'ai déjà dit de retourner sur MSN  

Thursday, December 28, 2006 8:00:27 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 28/12/2006
Enregistrements dans la base antivirus Kaspersky : 240455
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse
Total d'objets analysés 228049
Nombre de virus trouvés 1
Nombre d'objets infectés 1 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:32:19

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\formhistory.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\LightScribe\log\log296.txt L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\t4irnbnw.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\Perflib_Perfdata_210.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\Perflib_Perfdata_b30.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\Perflib_Perfdata_b68.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.ilg L'objet est verrouillé ignoré
C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.ilg L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\L0000001.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\HP_Propriétaire\Data\storydb.idx L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc1\shadowlau@ifrance.com.txt L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc2.jpg L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc3.jpg L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc4.doc L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc5.wmv L'objet est verrouillé ignoré
C:\RECYCLER\S-1-5-21-825953376-2989598911-3667397048-1007\Dc6.zip L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP211\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox2.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox2.idx L'objet est verrouillé ignoré
C:\WINDOWS\system32\drvcih.dll Infecté : not-virus:Hoax.Win32.Renos.gi ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP211\change.log L'objet est verrouillé ignoré
Analyse terminée.

Re,

Télécharge Smitfraudfix (de S!ri).
Enregistre-le sur ton bureau.
Lance SmitfraudFix.exe (le .exe peut ne pas apparaitre).
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.

NOTE :
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Rapport fait à 20:40:16,09, 28/12/2006
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="\"C:\\PROGRA~1\\KASPER~1\\KASPER~1.0\\adialhk.dll\""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Le rapport n'est pas complet.
Manque la 1ere ligne  

SmitFraudFix v2.131

Rapport fait à 20:45:10,62, 28/12/2006
Executé à partir de C:\Documents and Settings\HP_Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="\"C:\\PROGRA~1\\KASPER~1\\KASPER~1.0\\adialhk.dll\""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


(jespere que cette fois ci c'est bon j'ai fais selectionner tout copier/coller ^^

C'est bon  



Va sur le site de S!ri
Clique sur Parcourir... puis ouvre:

C:\WINDOWS\system32\drvcih.dll

Mets le lien de la discussion dans la case où cela est demandée.
Clique ensuite sur Upload

Je te prépare la suite.

Re,

Désinstalle si possible :
VSAdd-In
PEdevice

Télécharge KillBox d'Option^Explicit.
Dézippe le dans un dossier ou sur ton bureau (Clique droit puis Extraire Tout).

Selectionne le texte dans le cadre :



---> Clique Droit puis Copier.
----------

-- Ouvre Killbox.exe
-- Choisis "Delete on reboot"
-- Clique sur :
- " File " -> " Paste from Clipboard "
- " All Files "

Pour terminer clique sur

Une question te sera alors posée :
" File will be Removed on Reboot, Do you want to reboot now ? "

-- Répond par OUI, un compte à rebours s'enclenche, ton PC va redémarrer.
-- Après redémarrage, relance Killbox puis clique sur le menu : Files -> Logs -> Actions History Log, poste ce rapport ici.

NOTE: Si tu reçois le message "PendingFileRenameOperations Registry Data has been removed by external process!"
Redémarre ton PC manuellement.

AIDE : Tuto sur KillBox (Jesses)

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:08 PM

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:09 PM

Killbox Closed(Exit) @ 9:09:01 PM
__________________________________________________

# 1 [Delete on Reboot]
Path = C:\WINDOWS\system32\nxshirbc.exe


# 2 [Delete on Reboot]
Path = C:\WINDOWS\system32\fpepnlli.exe


# 3 [Delete on Reboot]
Path = C:\WINDOWS\system32\okpyycyi.exe


# 4 [Delete on Reboot]
Path = C:\WINDOWS\system32\xkevbfou.dll


# 5 [Delete on Reboot]
Path = C:\WINDOWS\system32\wgyvjfaf.exe


# 6 [Delete on Reboot]
Path = C:\WINDOWS\system32\xjvtghnw.dll


# 7 [Delete on Reboot]
Path = C:\WINDOWS\system32\ltdnyyvs.exe


# 8 [Delete on Reboot]
Path = C:\WINDOWS\system32\vqqxkyow.exe


# 9 [Delete on Reboot]
Path = C:\WINDOWS\system32\armtdbpw.exe


# 10 [Delete on Reboot]
Path = C:\WINDOWS\system32\gjutgstc.exe


# 11 [Delete on Reboot]
Path = C:\WINDOWS\system32\yhokqgbo.exe


# 12 [Delete on Reboot]
Path = C:\WINDOWS\system32\wbyitrhh.exe


# 13 [Delete on Reboot]
Path = C:\WINDOWS\system32\ubmitojq.exe


# 14 [Delete on Reboot]
Path = C:\WINDOWS\system32\lguvskqj.exe


# 15 [Delete on Reboot]
Path = C:\WINDOWS\system32\cltqagmy.exe


# 16 [Delete on Reboot]
Path = C:\WINDOWS\system32\ggnllgvu.exe


# 17 [Delete on Reboot]
Path = C:\WINDOWS\system32\jiawhtdb.exe


# 18 [Delete on Reboot]
Path = C:\WINDOWS\system32\rjqijgqu.exe


# 19 [Delete on Reboot]
Path = C:\WINDOWS\system32\ishuhavx.exe


# 20 [Delete on Reboot]
Path = C:\WINDOWS\system32\ewnfbbml.exe


# 21 [Delete on Reboot]
Path = C:\WINDOWS\system32\fiscyvlc.exe


# 22 [Delete on Reboot]
Path = C:\WINDOWS\system32\tfgmowqj.exe


# 23 [Delete on Reboot]
Path = C:\WINDOWS\system32\nwvajssa.exe


# 24 [Delete on Reboot]
Path = C:\WINDOWS\system32\lciwmnkj.exe


# 25 [Delete on Reboot]
Path = C:\WINDOWS\system32\ayovljkl.exe


# 26 [Delete on Reboot]
Path = C:\WINDOWS\system32\pqobbeht.exe


# 27 [Delete on Reboot]
Path = C:\WINDOWS\system32\nhyghlwm.exe


# 28 [Delete on Reboot]
Path = C:\WINDOWS\system32\tkynjlev.exe


# 29 [Delete on Reboot]
Path = C:\WINDOWS\system32\pskpleuq.exe


# 30 [Delete on Reboot]
Path = C:\WINDOWS\system32\aclsrgyp.exe


# 31 [Delete on Reboot]
Path = C:\Program Files\VSAdd-in


# 32 [Delete on Reboot]
Path = C:\WINDOWS\system32\sidnvhqs.exe


# 33 [Delete on Reboot]
Path = C:\WINDOWS\system32\bhmhmmgj.exe


# 34 [Delete on Reboot]
Path = C:\WINDOWS\system32\mcpgorod.exe


# 35 [Delete on Reboot]
Path = C:\WINDOWS\system32\tuxtixaa.dll


# 36 [Delete on Reboot]
Path = C:\WINDOWS\system32\xndmgwas.exe


# 37 [Delete on Reboot]
Path = C:\WINDOWS\system32\nhcmwrum.exe


# 38 [Delete on Reboot]
Path = C:\WINDOWS\system32\agshvyca.exe


# 39 [Delete on Reboot]
Path = C:\WINDOWS\system32\nvqmuflv.exe


# 40 [Delete on Reboot]
Path = C:\WINDOWS\system32\fahujhqw.exe


# 41 [Delete on Reboot]
Path = C:\WINDOWS\system32\kuaemptj.exe


# 42 [Delete on Reboot]
Path = C:\WINDOWS\system32\rkfcssab.exe


# 43 [Delete on Reboot]
Path = C:\WINDOWS\system32\kqwocnqu.exe


# 44 [Delete on Reboot]
Path = C:\WINDOWS\system32\tokiwmwm.exe


# 45 [Delete on Reboot]
Path = C:\WINDOWS\system32\iabiyvfa.exe


# 46 [Delete on Reboot]
Path = C:\WINDOWS\system32\hqdqtybr.exe


# 47 [Delete on Reboot]
Path = C:\WINDOWS\system32\vqamipbu.dll


# 48 [Delete on Reboot]
Path = C:\WINDOWS\system32\jnkhpgup.exe


# 49 [Delete on Reboot]
Path = C:\WINDOWS\system32\swwwhciq.exe


# 50 [Delete on Reboot]
Path = C:\WINDOWS\system32\ghkiaxcv.exe


# 51 [Delete on Reboot]
Path = C:\WINDOWS\system32\yepquyad.exe


# 52 [Delete on Reboot]
Path = C:\WINDOWS\system32\vkuajcny.exe


# 53 [Delete on Reboot]
Path = C:\WINDOWS\system32\ltwxgoup.exe


# 54 [Delete on Reboot]
Path = C:\WINDOWS\system32\kcstcird.exe


# 55 [Delete on Reboot]
Path = C:\WINDOWS\system32\qnyefuwk.exe


# 56 [Delete on Reboot]
Path = C:\WINDOWS\system32\pgfalgiq.exe


# 57 [Delete on Reboot]
Path = C:\WINDOWS\system32\kuyagosa.exe


# 58 [Delete on Reboot]
Path = C:\WINDOWS\system32\guyvsqha.exe


# 59 [Delete on Reboot]
Path = C:\WINDOWS\system32\kqitgkjt.exe


# 60 [Delete on Reboot]
Path = C:\WINDOWS\system32\reuojfqa.exe


# 61 [Delete on Reboot]
Path = C:\WINDOWS\system32\enwsnvyt.exe


# 62 [Delete on Reboot]
Path = C:\WINDOWS\system32\kkxqjedc.exe


# 63 [Delete on Reboot]
Path = C:\WINDOWS\system32\wufgjigq.exe


# 64 [Delete on Reboot]
Path = C:\WINDOWS\system32\xurblgdn.exe


# 65 [Delete on Reboot]
Path = C:\WINDOWS\system32\upyptswv.exe


# 66 [Delete on Reboot]
Path = C:\WINDOWS\system32\ffufjtwn.exe


# 67 [Delete on Reboot]
Path = C:\WINDOWS\system32\omjyksxj.exe


# 68 [Delete on Reboot]
Path = C:\WINDOWS\system32\yuljirut.exe


# 69 [Delete on Reboot]
Path = C:\WINDOWS\system32\wgslaykp.exe


# 70 [Delete on Reboot]
Path = C:\WINDOWS\system32\uxtuneup.dll


# 71 [Delete on Reboot]
Path = C:\WINDOWS\system32\mysmifrw.exe


# 72 [Delete on Reboot]
Path = C:\WINDOWS\system32\auoduqex.exe


# 73 [Delete on Reboot]
Path = C:\WINDOWS\system32\qgqgmgoh.exe


# 74 [Delete on Reboot]
Path = C:\WINDOWS\system32\yhuopraq.exe


# 75 [Delete on Reboot]
Path = C:\WINDOWS\system32\bisblxsk.exe


# 76 [Delete on Reboot]
Path = C:\WINDOWS\system32\clvdaydm.exe


# 77 [Delete on Reboot]
Path = C:\WINDOWS\system32\aswqecew.exe


# 78 [Delete on Reboot]
Path = C:\WINDOWS\system32\jvxkqjrr.exe


# 79 [Delete on Reboot]
Path = C:\WINDOWS\system32\atlsnmus.exe


# 80 [Delete on Reboot]
Path = C:\WINDOWS\system32\dmxavwnq.exe


# 81 [Delete on Reboot]
Path = C:\WINDOWS\system32\opvfnjje.exe


# 82 [Delete on Reboot]
Path = C:\WINDOWS\system32\kvwcnmlt.exe


# 83 [Delete on Reboot]
Path = C:\WINDOWS\system32\fbagjboo.exe


# 84 [Delete on Reboot]
Path = C:\Program Files\PeDevice


# 85 [Delete on Reboot]
Path = C:\WINDOWS\system32\rmqmlxht.exe


# 86 [Delete on Reboot]
Path = C:\WINDOWS\system32\tvphxqbg.exe


# 87 [Delete on Reboot]
Path = C:\WINDOWS\system32\iepwdorl.exe


# 88 [Delete on Reboot]
Path = C:\WINDOWS\system32\gvwqygea.exe


# 89 [Delete on Reboot]
Path = C:\WINDOWS\system32\wnsinttr.exe


# 90 [Delete on Reboot]
Path = C:\WINDOWS\system32\drvcih.dll


# 91 [Delete on Reboot]
Path = C:\WINDOWS\system32\xxyvvtr.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:11:28 PM
Killbox Closed(Exit) @ 9:11:57 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:17 PM

Tu as bien uploadé le fichier ?

Refais un scan Combofix maintenant.

mais ds l'url faut que je mette : http://www.infos-du-net.com/forum/263617-11-pubs-anti-v...

car j'ai pas trop compris là dsl (jsuis un noob)

Presque :
http://www.infos-du-net.com/forum/263617-11-pubs-anti-v...

EDIT : le problème c'est que je t'ai fait supprimer le fichier...

Mmmm ben c'est bien ce que j'avais fais...


HP_Propri‚taire - 06-12-28 21:40:39,68 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\HP_Propri‚taire\Bureau"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\WINDOWS\SMBOLS~1
C:\QooBox\Purity\WINDOWS\SMBOLS~1\s?mbols


((((((((((((((((((((((((((((((( Files Created from 2006-11-28 to 2006-12-28 ))))))))))))))))))))))))))))))))))


2006-12-28 21:08 <REP> d-------- C:\!KillBox
2006-12-28 20:40 3,592 --a------ C:\WINDOWS\system32\tmp.reg
2006-12-28 17:20 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2006-12-28 16:37 <REP> d-------- C:\VundoFix Backups
2006-12-27 17:57 <REP> d-------- C:\Program Files\Windows Media Connect 2
2006-12-27 17:54 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-12-23 19:38 33,890 --a------ C:\WINDOWS\system32\drivers\Capt905c.sys
2006-12-23 19:38 24,605 --a------ C:\WINDOWS\system32\drivers\Camd905c.sys
2006-12-17 14:01 <REP> d-------- C:\Program Files\VSAdd-in
2006-12-13 13:47 <REP> d-------- C:\WINDOWS\WBEM
2006-12-13 13:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
2006-12-13 13:46 <REP> d--h-c--- C:\WINDOWS\ie7
2006-12-13 13:29 1,216,512 --a------ C:\Documents and Settings\HP_Propri‚taire\System.dll
2006-12-12 19:00 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Lavasoft
2006-12-12 18:55 78,336 --a------ C:\WINDOWS\system32\drivers\ssi.sys
2006-12-12 18:55 102,912 --a------ C:\WINDOWS\system32\islzma.dll
2006-12-12 18:54 <REP> d-------- C:\Program Files\Webroot
2006-12-12 18:54 <REP> d-------- C:\Program Files\SpywareBlaster
2006-12-12 18:54 <REP> d-------- C:\Program Files\Lavasoft
2006-12-12 18:54 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Webroot
2006-12-12 18:50 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2006-12-12 18:49 <REP> d-------- C:\Program Files\Hitman Pro
2006-12-11 18:43 <REP> d-------- C:\Program Files\eMule
2006-12-11 18:14 <REP> d--h----- C:\Program Files\Fichiers communs\Uninstall Information
2006-12-10 21:23 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2006-12-10 21:23 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2006-12-10 21:23 <REP> d-------- C:\WINDOWS\system32\AlertModule
2006-12-10 21:18 <REP> d-------- C:\Program Files\Inventel
2006-12-09 20:39 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2006-12-07 16:30 <REP> d-------- C:\Program Files\PeDevice
2006-12-06 18:56 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-06 18:55 <REP> d-------- C:\WINDOWS\network diagnostic
2006-12-05 22:32 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-12-05 22:32 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-12-05 22:32 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2006-12-05 22:32 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-12-05 22:32 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-12-05 22:32 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-12-05 22:32 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\SmitfraudFix
2006-12-05 22:05 61,584 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-12-05 22:05 59,536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-12-05 22:05 <REP> d-------- C:\Program Files\Kaspersky Lab
2006-12-05 21:25 34,308 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-12-05 21:19 88,340 --a------ C:\WINDOWS\system32\tcrkffmc.exe
2006-12-05 21:14 56,320 --a------ C:\WINDOWS\system32\gdkdhg.dll
2006-11-29 20:07 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
2006-11-29 20:07 1,056,768 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2006-11-29 20:07 <REP> d-------- C:\WINDOWS\PreviewSoft
2006-11-29 19:58 <REP> d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Ulead Systems
2006-11-29 19:57 <REP> d-------- C:\WINDOWS\Vbox
2006-11-29 19:57 <REP> d-------- C:\WINDOWS\Noslip
2006-11-29 19:57 <REP> d-------- C:\Program Files\Ulead Systems
2006-11-29 19:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-28 21:39 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-28 21:14 -------- d-------- C:\Program Files\Wanadoo
2006-12-28 21:07 23890 --a------ C:\Documents and Settings\HP_Propri‚taire\Application Data\wklnhst.dat
2006-12-28 17:10 -------- d-------- C:\Program Files\Fichiers communs
2006-12-28 02:13 359808 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS
2006-12-27 18:10 -------- d-------- C:\Program Files\Windows Media Player
2006-12-23 19:38 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-23 01:29 -------- d-------- C:\Program Files\MSN Messenger
2006-12-23 01:29 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-12-22 23:17 -------- d-------- C:\Program Files\World of Warcraft
2006-12-17 14:56 61448 --a------ C:\Documents and Settings\HP_Propri‚taire\Application Data\GDIPFONTCACHEV1.DAT
2006-12-13 19:41 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\Microsoft
2006-12-13 13:50 -------- d-------- C:\Program Files\Internet Explorer
2006-12-13 13:48 -------- d-------- C:\Program Files\Outlook Express
2006-12-13 13:48 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-10 21:19 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-12-10 21:17 81920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-12-10 21:17 17134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2006-12-09 20:39 -------- d-------- C:\Program Files\TuneUp Utilities 2006
2006-12-07 16:40 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-06 21:19 1036288 --a------ C:\WINDOWS\explorer.exe
2006-11-29 20:05 -------- d-------- C:\Program Files\QuickTime
2006-11-25 19:28 -------- d-------- C:\Program Files\iTunes
2006-11-25 19:28 -------- d-------- C:\Program Files\iPod
2006-11-25 19:27 -------- d-------- C:\Program Files\Apple Software Update
2006-11-25 15:11 -------- d-------- C:\Program Files\WowCartographe
2006-11-25 13:48 -------- d-------- C:\Program Files\Google
2006-11-22 22:00 -------- d-------- C:\Program Files\Java
2006-11-19 05:22 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-17 19:37 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\AdobeUM
2006-11-15 15:44 18273 --a------ C:\WINDOWS\system32\drivers\klop.sys
2006-11-12 01:11 -------- d-------- C:\Program Files\JetAudio
2006-11-12 01:11 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\COWON
2006-11-12 01:10 -------- d-------- C:\Program Files\Fichiers communs\COWON
2006-11-12 00:39 -------- d-------- C:\Program Files\Fichiers communs\River Past
2006-11-12 00:39 -------- d-------- C:\Documents and Settings\HP_Propri‚taire\Application Data\River Past G4
2006-11-11 14:26 -------- d-------- C:\Program Files\Wanadoo Messager
2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 10:03 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:59 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:58 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:56 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-11-01 17:42 94314 --a------ C:\WINDOWS\system32\klogon.dll
2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-30 02:27 49152 --a------ C:\npbittorrent.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 16:05 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-09-28 16:05 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-09-28 16:04 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-09-28 16:03 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"WOOKIT"="C:\\PROGRA~1\\Wanadoo\\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM="
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\" /WinStart"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"Acme.PCHButton"="C:\\PROGRA~1\\HELPAN~1\\HPQ\\XPXWWPP5\\plugin\\bin\\PCHButton.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe"
"HPHUPD06"="c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"ATIPTA"="atiptaxx.exe"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"Alcmtr"="ALCMTR.EXE"
"LSBWatcher"="c:\\hp\\drivers\\hplsbwatcher\\lsburnwatcher.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"MultiRes"="C:\\Program Files\\MultiRes\\MultiRes.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
@=""
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
"DllRunning"="rundll32.exe \"C:\\WINDOWS\\system32\\vqamipbu.dll\",setvm"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\HPpromotions psc 2350 series.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

Completion time: 06-12-28 21:44:55.14
C:\ComboFix.txt ... 06-12-28 21:44
C:\ComboFix2.txt ... 06-12-28 17:11

Re,

Selectionne le texte dans le cadre :



---> Clique Droit puis Copier.
----------

-- Ouvre Killbox.exe
-- Choisis "Delete on reboot"
-- Clique sur :
- " File " -> " Paste from Clipboard "
- " All Files "

Pour terminer clique sur

Une question te sera alors posée :
" File will be Removed on Reboot, Do you want to reboot now ? "

-- Répond par OUI, un compte à rebours s'enclenche, ton PC va redémarrer.
-- Après redémarrage, relance Killbox puis clique sur le menu : Files -> Logs -> Actions History Log, poste ce rapport ici.

NOTE: Si tu reçois le message "PendingFileRenameOperations Registry Data has been removed by external process!"
Redémarre ton PC manuellement.

AIDE : Tuto sur KillBox (Jesses)

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:08 PM

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:09 PM

Killbox Closed(Exit) @ 9:09:01 PM
__________________________________________________

# 1 [Delete on Reboot]
Path = C:\WINDOWS\system32\nxshirbc.exe


# 2 [Delete on Reboot]
Path = C:\WINDOWS\system32\fpepnlli.exe


# 3 [Delete on Reboot]
Path = C:\WINDOWS\system32\okpyycyi.exe


# 4 [Delete on Reboot]
Path = C:\WINDOWS\system32\xkevbfou.dll


# 5 [Delete on Reboot]
Path = C:\WINDOWS\system32\wgyvjfaf.exe


# 6 [Delete on Reboot]
Path = C:\WINDOWS\system32\xjvtghnw.dll


# 7 [Delete on Reboot]
Path = C:\WINDOWS\system32\ltdnyyvs.exe


# 8 [Delete on Reboot]
Path = C:\WINDOWS\system32\vqqxkyow.exe


# 9 [Delete on Reboot]
Path = C:\WINDOWS\system32\armtdbpw.exe


# 10 [Delete on Reboot]
Path = C:\WINDOWS\system32\gjutgstc.exe


# 11 [Delete on Reboot]
Path = C:\WINDOWS\system32\yhokqgbo.exe


# 12 [Delete on Reboot]
Path = C:\WINDOWS\system32\wbyitrhh.exe


# 13 [Delete on Reboot]
Path = C:\WINDOWS\system32\ubmitojq.exe


# 14 [Delete on Reboot]
Path = C:\WINDOWS\system32\lguvskqj.exe


# 15 [Delete on Reboot]
Path = C:\WINDOWS\system32\cltqagmy.exe


# 16 [Delete on Reboot]
Path = C:\WINDOWS\system32\ggnllgvu.exe


# 17 [Delete on Reboot]
Path = C:\WINDOWS\system32\jiawhtdb.exe


# 18 [Delete on Reboot]
Path = C:\WINDOWS\system32\rjqijgqu.exe


# 19 [Delete on Reboot]
Path = C:\WINDOWS\system32\ishuhavx.exe


# 20 [Delete on Reboot]
Path = C:\WINDOWS\system32\ewnfbbml.exe


# 21 [Delete on Reboot]
Path = C:\WINDOWS\system32\fiscyvlc.exe


# 22 [Delete on Reboot]
Path = C:\WINDOWS\system32\tfgmowqj.exe


# 23 [Delete on Reboot]
Path = C:\WINDOWS\system32\nwvajssa.exe


# 24 [Delete on Reboot]
Path = C:\WINDOWS\system32\lciwmnkj.exe


# 25 [Delete on Reboot]
Path = C:\WINDOWS\system32\ayovljkl.exe


# 26 [Delete on Reboot]
Path = C:\WINDOWS\system32\pqobbeht.exe


# 27 [Delete on Reboot]
Path = C:\WINDOWS\system32\nhyghlwm.exe


# 28 [Delete on Reboot]
Path = C:\WINDOWS\system32\tkynjlev.exe


# 29 [Delete on Reboot]
Path = C:\WINDOWS\system32\pskpleuq.exe


# 30 [Delete on Reboot]
Path = C:\WINDOWS\system32\aclsrgyp.exe


# 31 [Delete on Reboot]
Path = C:\Program Files\VSAdd-in


# 32 [Delete on Reboot]
Path = C:\WINDOWS\system32\sidnvhqs.exe


# 33 [Delete on Reboot]
Path = C:\WINDOWS\system32\bhmhmmgj.exe


# 34 [Delete on Reboot]
Path = C:\WINDOWS\system32\mcpgorod.exe


# 35 [Delete on Reboot]
Path = C:\WINDOWS\system32\tuxtixaa.dll


# 36 [Delete on Reboot]
Path = C:\WINDOWS\system32\xndmgwas.exe


# 37 [Delete on Reboot]
Path = C:\WINDOWS\system32\nhcmwrum.exe


# 38 [Delete on Reboot]
Path = C:\WINDOWS\system32\agshvyca.exe


# 39 [Delete on Reboot]
Path = C:\WINDOWS\system32\nvqmuflv.exe


# 40 [Delete on Reboot]
Path = C:\WINDOWS\system32\fahujhqw.exe


# 41 [Delete on Reboot]
Path = C:\WINDOWS\system32\kuaemptj.exe


# 42 [Delete on Reboot]
Path = C:\WINDOWS\system32\rkfcssab.exe


# 43 [Delete on Reboot]
Path = C:\WINDOWS\system32\kqwocnqu.exe


# 44 [Delete on Reboot]
Path = C:\WINDOWS\system32\tokiwmwm.exe


# 45 [Delete on Reboot]
Path = C:\WINDOWS\system32\iabiyvfa.exe


# 46 [Delete on Reboot]
Path = C:\WINDOWS\system32\hqdqtybr.exe


# 47 [Delete on Reboot]
Path = C:\WINDOWS\system32\vqamipbu.dll


# 48 [Delete on Reboot]
Path = C:\WINDOWS\system32\jnkhpgup.exe


# 49 [Delete on Reboot]
Path = C:\WINDOWS\system32\swwwhciq.exe


# 50 [Delete on Reboot]
Path = C:\WINDOWS\system32\ghkiaxcv.exe


# 51 [Delete on Reboot]
Path = C:\WINDOWS\system32\yepquyad.exe


# 52 [Delete on Reboot]
Path = C:\WINDOWS\system32\vkuajcny.exe


# 53 [Delete on Reboot]
Path = C:\WINDOWS\system32\ltwxgoup.exe


# 54 [Delete on Reboot]
Path = C:\WINDOWS\system32\kcstcird.exe


# 55 [Delete on Reboot]
Path = C:\WINDOWS\system32\qnyefuwk.exe


# 56 [Delete on Reboot]
Path = C:\WINDOWS\system32\pgfalgiq.exe


# 57 [Delete on Reboot]
Path = C:\WINDOWS\system32\kuyagosa.exe


# 58 [Delete on Reboot]
Path = C:\WINDOWS\system32\guyvsqha.exe


# 59 [Delete on Reboot]
Path = C:\WINDOWS\system32\kqitgkjt.exe


# 60 [Delete on Reboot]
Path = C:\WINDOWS\system32\reuojfqa.exe


# 61 [Delete on Reboot]
Path = C:\WINDOWS\system32\enwsnvyt.exe


# 62 [Delete on Reboot]
Path = C:\WINDOWS\system32\kkxqjedc.exe


# 63 [Delete on Reboot]
Path = C:\WINDOWS\system32\wufgjigq.exe


# 64 [Delete on Reboot]
Path = C:\WINDOWS\system32\xurblgdn.exe


# 65 [Delete on Reboot]
Path = C:\WINDOWS\system32\upyptswv.exe


# 66 [Delete on Reboot]
Path = C:\WINDOWS\system32\ffufjtwn.exe


# 67 [Delete on Reboot]
Path = C:\WINDOWS\system32\omjyksxj.exe


# 68 [Delete on Reboot]
Path = C:\WINDOWS\system32\yuljirut.exe


# 69 [Delete on Reboot]
Path = C:\WINDOWS\system32\wgslaykp.exe


# 70 [Delete on Reboot]
Path = C:\WINDOWS\system32\uxtuneup.dll


# 71 [Delete on Reboot]
Path = C:\WINDOWS\system32\mysmifrw.exe


# 72 [Delete on Reboot]
Path = C:\WINDOWS\system32\auoduqex.exe


# 73 [Delete on Reboot]
Path = C:\WINDOWS\system32\qgqgmgoh.exe


# 74 [Delete on Reboot]
Path = C:\WINDOWS\system32\yhuopraq.exe


# 75 [Delete on Reboot]
Path = C:\WINDOWS\system32\bisblxsk.exe


# 76 [Delete on Reboot]
Path = C:\WINDOWS\system32\clvdaydm.exe


# 77 [Delete on Reboot]
Path = C:\WINDOWS\system32\aswqecew.exe


# 78 [Delete on Reboot]
Path = C:\WINDOWS\system32\jvxkqjrr.exe


# 79 [Delete on Reboot]
Path = C:\WINDOWS\system32\atlsnmus.exe


# 80 [Delete on Reboot]
Path = C:\WINDOWS\system32\dmxavwnq.exe


# 81 [Delete on Reboot]
Path = C:\WINDOWS\system32\opvfnjje.exe


# 82 [Delete on Reboot]
Path = C:\WINDOWS\system32\kvwcnmlt.exe


# 83 [Delete on Reboot]
Path = C:\WINDOWS\system32\fbagjboo.exe


# 84 [Delete on Reboot]
Path = C:\Program Files\PeDevice


# 85 [Delete on Reboot]
Path = C:\WINDOWS\system32\rmqmlxht.exe


# 86 [Delete on Reboot]
Path = C:\WINDOWS\system32\tvphxqbg.exe


# 87 [Delete on Reboot]
Path = C:\WINDOWS\system32\iepwdorl.exe


# 88 [Delete on Reboot]
Path = C:\WINDOWS\system32\gvwqygea.exe


# 89 [Delete on Reboot]
Path = C:\WINDOWS\system32\wnsinttr.exe


# 90 [Delete on Reboot]
Path = C:\WINDOWS\system32\drvcih.dll


# 91 [Delete on Reboot]
Path = C:\WINDOWS\system32\xxyvvtr.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:11:28 PM
Killbox Closed(Exit) @ 9:11:57 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:17 PM

Killbox Closed(Exit) @ 9:18:35 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 9:51 PM

# 1 [Delete on Reboot]
Path = C:\Program Files\VSAdd-in


# 2 [Delete on Reboot]
Path = C:\WINDOWS\system32\tcrkffmc.exe


# 3 [Delete on Reboot]
Path = C:\WINDOWS\system32\gdkdhg.dll


I Rebooted @ 9:52:50 PM
Killbox Closed(Exit) @ 9:52:57 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as HP_Propriétaire(Administrator)
was started @ jeudi, décembre 28, 2006, 10:01 PM



Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 28/12/2006 a 22:03:11,56

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\system32\RICHTX.DEP FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.3" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.4" FOUND

"C:\Program Files\PeDevice\" FOUND
"C:\Program Files\VSAdd-in\" FOUND
*** Fin du rapport !

Re,

Redémarre en mode sans échec

Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.

Redémarre normalement

- Le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 28/12/2006 a 22:14:28,59

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
tentative de suppression de C:\WINDOWS\system32\RICHTX.DEP
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.2"
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.3"
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.4"

tentative de suppression de "C:\Program Files\PeDevice\"
tentative de suppression de "C:\Program Files\VSAdd-in\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Reposte un rapport Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 22:27:42, on 28/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MultiRes\MultiRes.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Inventel\Gateway\WLANCFG.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\Nouveau dossier\Scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\xkevbfou.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9423CB04-29ED-253A-CFA3-2250D0FE25E2} - C:\WINDOWS\system32\gdkdhg.dll (file missing)
O2 - BHO: (no name) - {A271813E-C562-49D6-ACAB-7022DE99E45F} - C:\WINDOWS\system32\mllml.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [MultiRes] C:\Program Files\MultiRes\MultiRes.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vqamipbu.dll",setvm
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6BAFEA0A-5F70-44EB-852D-EC015CBAA072} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\xkevbfou.dll (file missing)
O2 - BHO: (no name) - {9423CB04-29ED-253A-CFA3-2250D0FE25E2} - C:\WINDOWS\system32\gdkdhg.dll (file missing)
O2 - BHO: (no name) - {A271813E-C562-49D6-ACAB-7022DE99E45F} - C:\WINDOWS\system32\mllml.dll (file missing)
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vqamipbu.dll",setvm
O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)

Clique sur Fix checked (en bas à gauche)

D'autres problèmes ?

Non je crois que c’est parfait tout est redevenu comme avant franchement un grand Merci et au temps que vous m’avez consacré

Je m’incline   sur cette aide rapide et efficace  

[Juste si vous connaisez une astuce pour avoir un meilleure ping pour CSS ^^ j'en profite]

De rien  


Pas de mon domaine.

Edite ton premier message avec puis ajoute (Résolu) au titre.

Dénonce ton infection (Vundo) pour faire condamner les auteurs, ça serait sympa.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être le plus nombreux possibles, alors rends compte de ton infection.
AIDE : Comment rapporter son infection sur Malware-Complaints ?

Consulte cette page pour éviter que ces problèmes ne réapparaissent.