Alertes Virus et pubs

Bonjour,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Voici les rapports :


VundoFix V6.5.4

Checking Java version...

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Scan started at 12:22:14 30/06/2007

Listing files found while scanning....

C:\windows\system32\adpfmpeh.dll
C:\windows\system32\efcawtu.dll
C:\WINDOWS\system32\hepmfpda.ini
C:\windows\system32\ldblpgni.exe
C:\windows\system32\rrutv.bak1
C:\windows\system32\rrutv.bak2
C:\windows\system32\rrutv.ini
C:\windows\system32\ssqrqpp.dll
C:\WINDOWS\system32\veemvofn.dll
C:\WINDOWS\system32\vturr.dll

Beginning removal...

Attempting to delete C:\windows\system32\adpfmpeh.dll
C:\windows\system32\adpfmpeh.dll Has been deleted!

Attempting to delete C:\windows\system32\efcawtu.dll
C:\windows\system32\efcawtu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hepmfpda.ini
C:\WINDOWS\system32\hepmfpda.ini Has been deleted!

Attempting to delete C:\windows\system32\ldblpgni.exe
C:\windows\system32\ldblpgni.exe Has been deleted!

Attempting to delete C:\windows\system32\rrutv.bak1
C:\windows\system32\rrutv.bak1 Has been deleted!

Attempting to delete C:\windows\system32\rrutv.bak2
C:\windows\system32\rrutv.bak2 Has been deleted!

Attempting to delete C:\windows\system32\rrutv.ini
C:\windows\system32\rrutv.ini Has been deleted!

Attempting to delete C:\windows\system32\ssqrqpp.dll
C:\windows\system32\ssqrqpp.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\veemvofn.dll
C:\WINDOWS\system32\veemvofn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vturr.dll
C:\WINDOWS\system32\vturr.dll Could not be deleted.

Performing Repairs to the registry.
Done!








et
Logfile of HijackThis v1.99.1
Scan saved at 12:48:28, on 30/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Philips\Sound Agent 2\mc500cpl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\avp.exe
C:\WINDOWS\mgrs.exe
C:\Documents and Settings\All Users\Application Data\zmbwhsnk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\DrvMon.exe
C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hijackthis\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.targa.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\CABINW~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINDOWS\system32\rliybuag.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.4\BitComet_Toolbar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {A6807262-1D7A-44AB-947B-23B71E97915C} - C:\WINDOWS\system32\ssqrqpp.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {C42D6121-7E1E-4D7C-B55B-517CFBB0ED3E} - C:\WINDOWS\system32\vturr.dll
O2 - BHO: (no name) - {E8656F64-3A56-3C9B-F5D5-0FFE92809493} - C:\DOCUME~1\Remi\APPLIC~1\MESSCA~1\FlagReal.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.4\BitComet_Toolbar.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\cab.in.work.temp.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [QveCtl2Tray] C:\Program Files\Philips\Sound Agent 2\mc500cpl.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [KINDTHIRDTEAMLIST] C:\Documents and Settings\All Users\Application Data\exitsignkindthird\Htm Balm.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [zmbwhsnk.exe] C:\Documents and Settings\All Users\Application Data\zmbwhsnk.exe
O4 - HKLM\..\Run: [SC2] C:\WINDOWS\system32\scchk32.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\saljkxxh.dll",forkonce
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\Remi\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [algchk.exe] C:\WINDOWS\system32\algchk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: bw+0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: vturr - C:\WINDOWS\system32\vturr.dll
O20 - Winlogon Notify: WB - fastload.dll (file missing)
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winopn32 - C:\WINDOWS\SYSTEM32\winopn32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

 

Re,

Télécharge combofix.exe (par sUBs) sur ton Bureau.

Double clique combofix.exe.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

voilà

"Remi" - 2007-06-30 14:06:11 - ComboFix 07-06-27.7 - Service Pack 2 NTFS


(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\vturr.dll
C:\WINDOWS\system32\ssqrqpp.dll
C:\WINDOWS\system32\winopn32.dll
C:\WINDOWS\system32\rrutv.bak1
C:\WINDOWS\system32\rrutv.ini
C:\WINDOWS\system32\rrutv.bak1
C:\WINDOWS\system32\rrutv.ini
C:\WINDOWS\system32\pmnnkli.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Fichiers communs\Yazzle1162OinAdmin.exe
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
C:\Program Files\newdotnet
C:\Program Files\newdotnet\newdotnet7_48.dll
C:\Program Files\newdotnet\readme.html
C:\Program Files\newdotnet\uninstall6_38.exe
C:\Program Files\newdotnet\uninstall7_48.exe
C:\WINDOWS\avp.exe
C:\WINDOWS\mgrs.exe
C:\WINDOWS\NDNuninstall6_38.exe
C:\WINDOWS\NDNuninstall6_90.exe
C:\WINDOWS\NDNuninstall6_98.exe
C:\WINDOWS\NDNuninstall7_14.exe
C:\WINDOWS\NDNuninstall7_22.exe
C:\WINDOWS\NDNuninstall7_48.exe
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\sysmon32.exe
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\nm
-------\NPF


((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-30 )))))))))))))))))))))))))))))))


2007-06-30 14:08 40,960 --a------ C:\WINDOWS\retadpu1000272.exe
2007-06-30 14:05 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-30 12:44 66,112 --a------ C:\WINDOWS\system32\rliybuag.dll
2007-06-30 12:43 128,576 --a------ C:\WINDOWS\system32\saljkxxh.dll
2007-06-30 12:22 <REP> d-------- C:\VundoFix Backups
2007-06-30 10:49 <REP> d-------- C:\hijackthis
2007-06-30 10:48 218,112 --a------ C:\HijackThis.exe
2007-06-30 08:30 <REP> d-------- C:\Program Files\AxBx
2007-06-30 00:26 <REP> d-------- C:\DOCUME~1\Remi\APPLIC~1\Axialis
2007-06-29 23:33 66,927 --a------ C:\nkwncvkg1.exe
2007-06-29 23:09 56,832 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\zmbwhsnk.exe
2007-06-29 23:07 6,656 --a------ C:\DOCUME~1\Remi\keygen.exe
2007-06-29 23:07 48 --a------ C:\DOCUME~1\Remi\readme.bat
2007-06-29 23:07 10,838 --a------ C:\DOCUME~1\Remi\install.exe
2007-06-29 23:05 <REP> d-------- C:\Program Files\Axialis
2007-06-29 22:39 <REP> d-------- C:\Program Files\ArtIcons
2007-06-18 18:52 <REP> d-------- C:\DOCUME~1\Remi\APPLIC~1\FindeXer
2007-06-15 14:39 <REP> d-------- C:\Program Files\Azureus
2007-06-15 14:39 <REP> d-------- C:\DOCUME~1\Remi\APPLIC~1\Azureus
2007-05-26 09:49 <REP> d-------- C:\Program Files\pspvideo9
2007-05-26 08:25 <REP> d-------- C:\WINDOWS\system32\embedded
2007-05-26 08:25 <REP> d-------- C:\Program Files\WinAVI Video Converter
2007-05-26 07:53 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-05-26 07:53 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-05-26 07:53 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-05-26 07:53 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-05-26 07:53 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2007-05-26 07:53 31,744 -r-hs---- C:\WINDOWS\system32\msfDX.dll
2007-05-26 07:53 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-05-26 07:53 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-05-26 07:53 217,073 --a------ C:\WINDOWS\meta4.exe
2007-05-26 07:53 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2007-05-26 07:53 <REP> d-------- C:\Program Files\eRightSoft
2007-05-24 20:39 <REP> d-------- C:\DOCUME~1\Remi\APPLIC~1\Eltima Software
2007-05-24 20:38 448,512 --a------ C:\WINDOWS\system32\avformat-50.dll
2007-05-24 20:38 3,345,408 --a------ C:\WINDOWS\system32\avcodec-51.dll
2007-05-24 20:38 19,968 --a------ C:\WINDOWS\system32\avutil-49.dll
2007-05-24 20:38 <REP> d-------- C:\Program Files\Fichiers communs\Eltima Shared
2007-05-24 20:38 <REP> d-------- C:\Program Files\Eltima Software
2007-05-20 11:37 <REP> d-------- C:\Program Files\Gabest
2007-05-03 19:57 <REP> d-------- C:\Program Files\Pando Networks
2007-05-03 19:51 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL
2007-05-03 19:51 <REP> d-------- C:\Program Files\Free Audio Pack


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-30 12:17:26 1,660 ----a-w C:\WINDOWS\bthservsdp.dat
2007-06-30 10:43:08 -------- d-----w C:\Program Files\eMule
2007-06-30 06:31:50 -------- d--h--w C:\DOCUME~1\Remi\APPLIC~1\dart once user
2007-06-26 07:43:13 -------- d-----w C:\DOCUME~1\Remi\APPLIC~1\Rumshot
2007-06-22 06:23:56 -------- d-----w C:\Program Files\XviD
2007-06-17 12:46:58 -------- d--h--w C:\DOCUME~1\Remi\APPLIC~1\dvdcss
2007-06-14 17:42:45 18,654 ----a-w C:\WINDOWS\mozver.dat
2007-06-14 17:42:23 -------- d-----w C:\Program Files\DivX
2007-06-10 10:49:16 -------- d-----w C:\Program Files\MSN Messenger
2007-06-07 07:40:42 -------- d-----w C:\Program Files\VIRTUA~1
2007-05-26 10:26:18 -------- d-----w C:\Program Files\IrfanView
2007-05-26 07:49:28 -------- d-----w C:\Program Files\AviSynth 2.5
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-03 18:01:48 75,886 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-03 18:01:48 468,692 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{031F120A-BBAF-45d8-B306-375F2A6B9398}=C:\PROGRA~1\ALCOHO~1\ALCOHO~2\CABINW~1.DLL []
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 15:17]
{6A373B7E-496E-424f-A9BE-486A5E9AB018}=C:\Program Files\BitComet Toolbar\v2.0.0.4\BitComet_Toolbar.dll [2006-04-24 10:01]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 13:32]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4}=C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 17:42]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 17:04]
{E8656F64-3A56-3C9B-F5D5-0FFE92809493}=C:\DOCUME~1\Remi\APPLIC~1\MESSCA~1\FlagReal.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-02-09 17:54 C:\WINDOWS\SOUNDMAN.EXE]
"USB Storage RW"="C:\Program Files\USB Storage RW\DskWatch.exe" [2004-12-23 16:00]
"AntivirusRegistration"="C:\Program Files\CA\Etrust Antivirus\Register.exe" [2005-01-31 16:09]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-06-26 01:17]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2005-02-18 02:49]
"OEM-Reset"="" []
"AOLSAV"="C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" [2004-11-10 16:18]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-06-01 11:09]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-06-01 11:03]
"VTTrayp"="VTtrayp.exe" []
"QveCtl2Tray"="C:\Program Files\Philips\Sound Agent 2\mc500cpl.exe" [2003-09-20 11:41]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52]
"LyraHD2TrayApp"="C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2005-02-18 18:38]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\qttask.exe" [2006-10-25 19:58]
"Pinnacle WebUpdater"="C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" [2006-03-26 13:10]
"PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-04-27 16:45]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-09-01 13:30]
"KINDTHIRDTEAMLIST"="C:\Documents and Settings\All Users\Application Data\exitsignkindthird\Htm Balm.exe" [2007-03-17 14:52]
"zmbwhsnk.exe"="C:\Documents and Settings\All Users\Application Data\zmbwhsnk.exe" [2007-06-29 23:09]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-06-01 12:46]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 10:20]
"Dash Regs"="C:\DOCUME~1\Remi\APPLIC~1\DARTON~1\CityHelpPop.exe" []
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-09-10 04:16]
"Mozilla Quick Launch"="C:\Program Files\Netscape\Netscape\Netscp.exe" []
"algchk.exe"="C:\WINDOWS\system32\algchk.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2006-07-29 20:34]
"@"="" []
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2006-09-14 16:15]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{24E27EA9-FCF3-444F-BD80-20543BA5D946}"="C:\DOCUME~1\Remi\LOCALS~1\Temp\wschtm35.dll" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{930D35D2-094D-41B9-8E89-D1B76F2C6E97}"="C:\WINDOWS\system32\pmnnkli.dll" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnnkli]
pmnnkli.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL 9.0 Icône AOL.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL 9.0 Icône AOL.lnk
backup=C:\WINDOWS\pss\AOL 9.0 Icône AOL.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL Compagnon.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL Compagnon.lnk
backup=C:\WINDOWS\pss\AOL Compagnon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiziWYG XP Startup.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiziWYG XP Startup.lnk
backup=C:\WINDOWS\pss\WiziWYG XP Startup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Remi^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.exe]
path=C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.exe
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Remi^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Remi^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Remi^Menu Démarrer^Programmes^Démarrage^Y'z ToolBar.lnk]
path=C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Y'z ToolBar.lnk
backup=C:\WINDOWS\pss\Y'z ToolBar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Fichiers communs\Adobe\Updater\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.1]
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KINDTHIRDTEAMLIST]
C:\Documents and Settings\All Users\Application Data\exitsignkindthird\meal atom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
"C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSPVideo9]
C:\Program Files\pspvideo9\pspVideo9.exe -t

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trust Cleaner]
C:\Program Files\Trust Cleaner\TrustCleaner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
Usnsvc usnsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4372b3af-881a-11da-854d-00038a000015}]
AutoRun\command- J:\loader.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9958706-7f1a-11d9-acd4-806d6172696f}]
AutoRun\command- I:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f995870c-7f1a-11d9-acd4-806d6172696f}]
AutoRun\command- D:\Autorun.exe


HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub

Contents of the 'Scheduled Tasks' folder
2007-06-29 08:13:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-06-30 12:00:00 C:\WINDOWS\tasks\B3E1D59B80424AC3.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-30 14:18:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]


[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001105-0000-1000-8000-00805f9b34fb}]


[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]


Completion time: 2007-06-30 14:23:07 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-30 14:23

--- E O F ---

Reposte un rapport Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 16:25:46, on 30/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Philips\Sound Agent 2\mc500cpl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Documents and Settings\All Users\Application Data\zmbwhsnk.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\eMule\emule.exe
C:\Documents and Settings\Remi\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\hijackthis\scanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.targa.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\CABINW~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.4\BitComet_Toolbar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {E8656F64-3A56-3C9B-F5D5-0FFE92809493} - C:\DOCUME~1\Remi\APPLIC~1\MESSCA~1\FlagReal.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.4\BitComet_Toolbar.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\cab.in.work.temp.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [QveCtl2Tray] C:\Program Files\Philips\Sound Agent 2\mc500cpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [KINDTHIRDTEAMLIST] C:\Documents and Settings\All Users\Application Data\exitsignkindthird\Htm Balm.exe
O4 - HKLM\..\Run: [zmbwhsnk.exe] C:\Documents and Settings\All Users\Application Data\zmbwhsnk.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\Remi\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [algchk.exe] C:\WINDOWS\system32\algchk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: bw+0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {3B4D28E1-E69A-4A3C-991B-EC4234593AE1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: pmnnkli - pmnnkli.dll (file missing)
O20 - Winlogon Notify: WB - fastload.dll (file missing)
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Re,

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)

Redémarre en mode sans échec

Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.