graves problèmes virus fenêtre intempestive rencontres j'en peux plus
Forum Sécurité - Virus : graves problèmes virus fenêtre intempestive rencontres j'en peux plus
au secours aidez moi mon ordinateur ne fonctionne de plus en plus mal
Bonjour,
---> Télécharger HijackThis
->Le mettre dans un dossier dédié
( sur le bureau par exemple, dossier nommé HijackThis)
->Dézipper le dans le dossier
->Clique Droit sur Hijackthis :
-> Choisir " Renommer "
-> Taper Scanner.exe puis valider
-> Lancer l'application
-> Choisir l'option "Do a system scan and save a logfile"
-> Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
-> Copier/coller dans le prochain message
AIDE SUR http://www.malekal.com/tutorial_HijackThis.html
Logfile of HijackThis v1.99.1
Scan saved at 19:18:46, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1049.dll,InstantAccess
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Bonsoir,
--->Télécharger SmitfraudFix de S!Ri:
->Dézipper sur le Bureau.
->Ouvrir SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
->Poster le rapport.
Bonjour,
Où vois-tu l'infection Smitfraud ?
Tu es victime d'une infection Egdaccess - Instant Access
Les manipulations sont à faire sans interruption et dans l'ordre
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Enregistre cette page pour avoir accès à la procédure en mode sans échec :
- Fichier
- Enregistrer Sous...
- Nom du fichier : Procédure
- Type : Page Web, complète
- Pour l'emplacement, chosis ton Bureau
- Clique maintenant sur Enregistrer
Télécharge :
Brute Force Uninstaller (de Merjin).
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)
Navipromo.zip et décompresse-le sur ton bureau.
FAIS UN CLIQUE-DROIT ICI et choisis "Enregistrer la cible du lien sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU).
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Note : Si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".
AIDE : Comment installer et utiliser BFU ?
Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attends que Complete script execution apparaisse pour cliquer sur OK.
Clique Exit pour fermer le programme BFU.
Redémarre normalement.
Poste les rapports :
- Hijackthis
- C:\egd.txt
- C:\Navipromo.txt
Répondre à Angeldark
j'ai effectué un second scan car il manquait 1 fichier que j'avais supprimé manuellement mais je les remis pensant que j'avais peut-être supprimer un fichier utile à mon ordinateur.Merci beaucoup de me venir en aide rapidement...Logfile of HijackThis v1.99.1
Scan saved at 19:24:33, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1049.dll,InstantAccess
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
@ AngelDark
Bah avec DriveCleaner2006
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
encore un betise de ma part?
Message édité par BIgSiLaB le 01-01-2007 à 19:29:05
Ce n'est pas une trace de Smitfraud !
Peut-être qu'il y a un ou deux fichiers mais on verra ça ensuite.
Répondre à Angeldark
Eh, SmitfraudFix ne fait rien à ce type d'infection?
SmitFraudFix v2.132
Rapport fait à 19:34:20,23, 01/01/2007
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
ok ..la preuve en image, ça ne sert à rien....
| Citation : Eh, SmitfraudFix ne fait rien à ce type d'infection? |
regarde son rapport 
Fais ce que j'ai dit maintenant 
Répondre à Angeldark
ok.no comment.^^
Logfile of HijackThis v1.99.1
Scan saved at 19:24:33, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1049.dll,InstantAccess
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"KYE_Showicon"="\"C:\\Program Files\\USB Storage RW\\shwicon.exe\" -t\"KYE\\USB Storage RW\""
"StorageGuard"="\"C:\\Program Files\\VERITAS Software\\Update Manager\\sgtray.exe\" /r"
"WCOLOREAL"="\"C:\\Program Files\\Coloreal\\coloreal.exe\""
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"nwiz"="nwiz.exe /installquiet /keeploaded"
"ATIModeChange"="Ati2mdxx.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"AlcxMonitor"="ALCXMNTR.EXE"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SDR6V_Check"="\"C:\\Program Files\\Fichiers communs\\DriveCleaner 2006 Free\\SDRmon.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
Rapport Navipromo.bat 0.71 effectué le 01/01/2007 à 20:24:41,23
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
cuolkbz.exe
cuolkbz_navps.dat
gteayzlsnb_navps.dat
cuolkbz.dat
gteayzlsnb.dat
cuolkbz.dat
gteayzlsnb.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 01/01/2007 à 20:26:30,48
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
cuolkbz.exe
cuolkbz_navps.dat
gteayzlsnb_navps.dat
cuolkbz.dat
gteayzlsnb.dat
cuolkbz.dat
gteayzlsnb.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 01/01/2007 à 20:27:00,29
L'opération se déroule en mode sans échec sous le compte Propri‚taire
** Recherche...
1/ gteayzlsnb trouvé, recherche de gteayzlsnb*
C:\WINDOWS\system32\gteayzlsnb.dat
C:\WINDOWS\system32\gteayzlsnb_nav.dat
C:\WINDOWS\system32\gteayzlsnb_navps.dat
------------------
2/ cuolkbz trouvé, recherche de cuolkbz*
C:\WINDOWS\system32\cuolkbz.dat
C:\WINDOWS\system32\cuolkbz.exe
C:\WINDOWS\system32\cuolkbz_nav.dat
C:\WINDOWS\system32\cuolkbz_navps.dat
C:\WINDOWS\prefetch\CUOLKBZ.EXE-1D3485DF.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
cuolkbz REG_SZ c:\windows\system32\cuolkbz.exe cuolkbz
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 2 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de gteayzlsnb* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\gteayzlsnb* déplacé avec succès !
------------------
2/ Déplacement de cuolkbz* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\cuolkbz* déplacé avec succès !
C:\WINDOWS\prefetch\cuolkbz* déplacé avec succès
------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\cuolkbz.dat
C:\Navipromo\Backups\cuolkbz.exe
C:\Navipromo\Backups\CUOLKBZ.EXE-1D3485DF.pf
C:\Navipromo\Backups\cuolkbz_nav.dat
C:\Navipromo\Backups\cuolkbz_navps.dat
C:\Navipromo\Backups\gteayzlsnb.dat
C:\Navipromo\Backups\gteayzlsnb_nav.dat
C:\Navipromo\Backups\gteayzlsnb_navps.dat
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\Masta
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
BGonjour,
Supprime ce dossier :
C:\Navipromo\
Je veux un nouveau rapport Hijackthis 
Répondre à Angeldark
Logfile of HijackThis v1.99.1
Scan saved at 20:50:05, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Re,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
Répondre à Angeldark
Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 01/01/2007 a 21:01:15,70
*** Recherche de fichiers sur C:
C:\UNWISE.EXE FOUND
C:\unwise.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
C:\WINDOWS\UnGins.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\f3PSSavr.scr FOUND
C:\WINDOWS\system32\ide21201.vxd FOUND
C:\WINDOWS\system32\stera.job FOUND
C:\WINDOWS\impborl.dll FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\" FOUND
"C:\Program Files\mozilla firefox\components\npclntax.xpt" FOUND
"C:\Program Files\mozilla firefox\plugins\npclntax.dll" FOUND
"C:\Program Files\Carpe Diem\" FOUND
"C:\Program Files\funwebproducts\" FOUND
"C:\Program Files\msn messenger\riched20.dll" FOUND
"C:\Program Files\MyWebSearch\" FOUND
"C:\Program Files\WinAntiVirus Pro 2006\" FOUND
*** Fin du rapport !
Clean.cmd va faire un bon ménage.
Redémarre en mode sans échec
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement
- Le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt
Répondre à Angeldark
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 01/01/2007 a 21:26:23,12
Microsoft Windows XP [version 5.1.2600]
*** Suppression de fichiers sur C:
tentative de suppression de C:\UNWISE.EXE
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\ALCXMNTR.EXE
tentative de suppression de C:\WINDOWS\UnGins.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\f3PSSavr.scr
tentative de suppression de C:\WINDOWS\system32\ide21201.vxd
tentative de suppression de C:\WINDOWS\system32\stera.job
tentative de suppression de C:\WINDOWS\impborl.dll
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
tentative de suppression de "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\"
tentative de suppression de "C:\Program Files\mozilla firefox\components\npclntax.xpt"
tentative de suppression de "C:\Program Files\mozilla firefox\plugins\npclntax.dll"
tentative de suppression de "C:\Program Files\Carpe Diem\"
tentative de suppression de "C:\Program Files\funwebproducts\"
tentative de suppression de "C:\Program Files\msn messenger\riched20.dll"
tentative de suppression de "C:\Program Files\MyWebSearch\"
tentative de suppression de "C:\Program Files\WinAntiVirus Pro 2006\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Reposte un rapport Hijackthis.
Répondre à Angeldark
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 01/01/2007 a 21:26:23,12
Microsoft Windows XP [version 5.1.2600]
*** Suppression de fichiers sur C:
tentative de suppression de C:\UNWISE.EXE
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\ALCXMNTR.EXE
tentative de suppression de C:\WINDOWS\UnGins.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\f3PSSavr.scr
tentative de suppression de C:\WINDOWS\system32\ide21201.vxd
tentative de suppression de C:\WINDOWS\system32\stera.job
tentative de suppression de C:\WINDOWS\impborl.dll
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
tentative de suppression de "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\"
tentative de suppression de "C:\Program Files\mozilla firefox\components\npclntax.xpt"
tentative de suppression de "C:\Program Files\mozilla firefox\plugins\npclntax.dll"
tentative de suppression de "C:\Program Files\Carpe Diem\"
tentative de suppression de "C:\Program Files\funwebproducts\"
tentative de suppression de "C:\Program Files\msn messenger\riched20.dll"
tentative de suppression de "C:\Program Files\MyWebSearch\"
tentative de suppression de "C:\Program Files\WinAntiVirus Pro 2006\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Logfile of HijackThis v1.99.1
Scan saved at 21:39:28, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Logfile of HijackThis v1.99.1
Scan saved at 21:39:28, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\USB Storage RW\shwicon.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_18_0.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
O18 - Protocol: bw+0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C061975D-6085-4491-B49C-6936BF6FBB02} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Re,
----------
-> Démarrer
-> Exécuter...
Tape Services.msc puis valide
Double clique sur " Boonty Games "
Type de démarrage : " Désactiver "
Clique en bas sur " Arrêter "
Valide les changements.
-----
Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape " BOONTY " puis valide.
----------
Supprime ce dossier :
C:\Program Files\Fichiers communs\BOONTY Shared\
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.f5biz.com/allot/434/garcesfr.exe
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/10598/SEXE.exe
Clique sur Fix checked (en bas à gauche)
- Fais un scan en ligne Kaspersky avec Internet Explorer :
- Clique sur
- Clique maintenant sur J'accepte.
- Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
- Patiente pendant l'installation des Mises à jour.
- Choisis par la suite l'analyse du Poste de travail
- Sauvegarde puis colle le rapport généré en fin d'analyse.
AIDE : Configurer le contrôle des ActiveX
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
Répondre à Angeldark
lorsque je clique sur "j'accepte sur kapersky, rien ne se passe; que dois faire?
Essaie un scan en ligne Panda.
Avec Internet Explorer
Fais un scan en ligne Panda
- Clique sur " Scan your PC "
- Ensuite sur " Check Now "
- /!\ Clique en bas sur " I don't Accept "
Entre ton adresse e-mail puis commence le scan
- Poste le rapport en fin d'analyse
Si tu as Avast! désactive-le lors du scan
Répondre à Angeldark
lorsque j'ai cliquer sur "scan your pc", 1 fenêtre s'est ouverte indiquant"browser not supported", que dois je faire s'il vous plait?
lorsque je clique sur "scan your", une fenêtre s'ouvre indiquant"browser not supported"et"active scan requires Microsoft internet 5.0 or later version"; que dois je faire ?
Tu utlises bien Internet Explorer pour les scans ? 
Répondre à Angeldark
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, January 02, 2007 10:01:49 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 2/01/2007
Enregistrements dans la base antivirus Kaspersky : 241119
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
Statistiques de l'analyse
Total d'objets analysés 69213
Nombre de virus trouvés 1
Nombre d'objets infectés 3 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:08:55
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\GatherLogs\MyIndex\MyIndex.328.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\GatherLogs\MyIndex\MyIndex.328.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\0001000D.ci L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\Build\Indexer\NlFiles\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\Build\Indexer\NlFiles\DocId.Map L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.Dir L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h0 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h0.Dir L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h1 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h1.Dir L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h3 L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h4A L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h4A.Dir L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h4B L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.h4B.Dir L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Hash.gthr.idx L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Idm.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Projects\MyIndex\MyIndex.Ntfy58.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Properties\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Properties\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Properties\RSApp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Properties\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Logs\MAPI.txt L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Temp\rssgthrsvc\Ntf5.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Temp\rssgthrsvc\Ntf6.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Desktop Search\Temp\rssgthrsvc\Perflib_Perfdata_b04.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Propriétaire\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\L0000001.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Propriétaire\Data\storydb.idx L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{5D0F1AC7-1667-45CC-A197-A29C1C186CF8}\RP477\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wfo.exe/stream/data0001 Infecté : Trojan.Win32.Pakes ignoré
C:\WINDOWS\wfo.exe/stream Infecté : Trojan.Win32.Pakes ignoré
C:\WINDOWS\wfo.exe NSIS: infecté - 2 ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
voilà je suis enfin parvenu à effectuer le scan sur kapersky!!
que dois je faire maintenant que j'ai effectué le scan kapersky et que je vous ai envoyé le rapport?Merci....
Supprime ce fichier :
C:\WINDOWS\wfo.exe
D'autres problèmes ?
Répondre à Angeldark
ça y est j'ai supprimé le dossier C:\WINDOWS\wfo.exe, tout semble rentré dans l'ordre, merci infiniment!!!
Re,
Edite ton premier message avec 
puis ajoute (Résolu) au titre.
Dénonce ton infection (EGDACCESS) pour faire condamner les auteurs, ça serait sympa.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être le plus nombreux possibles, alors rends compte de ton infection.
AIDE : Comment rapporter son infection sur Malware-Complaints ?
Consulte cette page pour éviter que ces problèmes ne réapparaissent.
Répondre à Angeldark
Il y a 967 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
