Hello, sorry if I'm not in the right section; I saw that it said virus so I posted here because it's really annoying, hoping that your advice will help me get rid of all these pop-up windows.
Originally I used IE, then, after being constantly bothered by dozens of pop-ups, I decided to switch to Mozilla Firefox, but after a while the problem was the same: more and more pop-ups appear... here is my HijackThis scan, hoping you will find things in it to remove.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:13, on 01/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
D:\Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SM\skymessnet.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Propriétaire\Bureau\divers ANTHONY\Reste disque D pour place pour STEAM\Firefox\firefox.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.890\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O1 - Hosts: 12.129.205.209 search.netscape.com
O1 - Hosts: 12.129.205.209 sitefinder.verisign.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {A20CC53E-61FE-4788-85FF-A0F9C9B4C2A9} - {93989C8B-BD5F-4783-A470-EB07F08E83C7} - C:\WINDOWS\system32\winapic32.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll (file missing)
O2 - BHO: {92E1B3F7-0546-421E-9835-904D25B7BA66} - {C4F147D7-BF25-488E-A12B-EFD43E7029BF} - C:\WINDOWS\system32\winvbie.dll (file missing)
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Inter bags.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Dvd Warn] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Send To &Bluetooth - D:\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Bluetooth\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Bluetooth\btsendto_ie.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1350d7 [...] 601_fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylomgames.com/activ [...] player.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN [...] uncher.cab
O18 - Protocol: bw+0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - D:\Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: AVCore (SrvMain) - Unknown owner - C:\Documents and Settings\All Users\Application Data\avservice.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 23061 bytes
There you go, thanks in advance for your replies.
Anthony
I just saw how long it is compared to the others I've seen; it looks completely rotten on the inside.
I see that my post has slipped past your replies a bit ^^ could someone help me figure out what I need to delete? Thanks in advance.
Hello
Your report is long because you have a lot of useless lines.
And you are infected.
Download LopxpMH to your Desktop.
http://www.alt-shift-return.org/In [...] pxpMH2.zip
Unzip it (right-click >> Extract here) and double-click the lopxpMH.bat file.
Post the contents of the report that opens.
Sorry for taking so long, here is the report (I fear it's longer than the HijackThis one ^^). Thanks again for your replies if you manage to find the things that need dealing with.
Rapport lopxpMH2 version 2.0 fait à 7:38:44,23 le 05/09/2007
C:\Documents and Settings\Propriétaire\Bureau\lopxpMH2
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\All Users\Application Data
28/10/2004 02:34 <REP> .
28/10/2004 02:34 <REP> ..
27/06/2005 17:16 <REP> Adobe
08/08/2007 18:01 <REP> Apple
18/02/2006 18:39 <REP> Apple Computer
08/06/2007 12:39 <REP> BVRP Software
03/08/2007 11:23 <REP> flag ace stupid data
29/10/2006 06:29 <REP> Google
16/04/2005 09:26 <REP> Groove Games
18/11/2005 14:26 <REP> InstallShield
02/12/2006 19:46 <REP> iWin
08/05/2007 13:55 <REP> Kodak
02/09/2007 03:23 <REP> Logitech
11/12/2004 22:27 <REP> Macrovision
28/11/2006 01:51 <REP> Messenger Plus!
02/01/2003 13:37 <REP> Microsoft
24/03/2007 17:35 <REP> Microsoft Help
13/11/2004 21:15 <REP> MSN6
03/03/2007 18:05 <REP> NVIDIA
07/08/2006 11:49 <REP> nView_Profiles
01/07/2007 15:52 <REP> PC Drivers Headquarters
14/02/2005 01:20 <REP> QuickTime
23/10/2006 20:39 <REP> Sandlot Games
02/01/2003 13:49 <REP> SBSI
02/06/2006 13:02 <REP> Sony
24/09/2006 21:35 <REP> Spybot - Search & Destroy
01/01/2003 18:42 <REP> Symantec
11/12/2004 22:55 <REP> Trymedia
03/08/2007 11:23 <REP> Two Idol Wave Flag
03/12/2004 00:29 <REP> Viewpoint
22/02/2007 23:54 <REP> webnurbwinstop
10/05/2006 17:27 <REP> Windows Genuine Advantage
04/07/2007 13:48 <REP> WindowsLiveInstaller
04/07/2007 13:48 <REP> WLInstaller
01/11/2004 14:16 <REP> Zylom
02/01/2003 13:38 62 desktop.ini
26/08/2006 16:02 1 759 QTSBandwidthCache
2 fichier(s) 1 821 octets
35 Rép(s) 3 651 076 096 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\Default User\Application Data
28/10/2004 02:34 <REP> .
28/10/2004 02:34 <REP> ..
27/10/2004 19:03 <REP> Adobe
15/01/2005 22:04 <REP> Aim
15/01/2005 22:04 <REP> Creative
15/01/2005 22:04 <REP> Help
02/01/2003 13:45 <REP> Identities
27/10/2004 19:03 <REP> InterTrust
15/01/2005 22:04 <REP> InterVideo
15/01/2005 22:04 <REP> Macromedia
02/01/2003 13:37 <REP> Microsoft
15/01/2005 22:04 <REP> Microsoft Web Folders
15/01/2005 22:04 <REP> MSN6
15/01/2005 22:04 <REP> Real
27/10/2004 19:03 <REP> SampleView
27/10/2004 19:03 <REP> Sonic
15/01/2005 22:04 <REP> Sun
27/10/2004 19:03 <REP> Symantec
15/01/2005 22:04 <REP> Template
15/01/2005 22:04 <REP> VERITAS
15/01/2005 22:04 <REP> Zylom
02/01/2003 13:38 62 desktop.ini
15/01/2005 22:54 29 664 GDIPFONTCACHEV1.DAT
15/01/2005 22:53 0 sversion.ini
3 fichier(s) 29 726 octets
21 Rép(s) 3 651 076 096 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
02/01/2003 13:38 <REP> .
02/01/2003 13:38 <REP> ..
27/10/2004 19:03 <REP> ApplicationHistory
15/01/2005 22:04 <REP> Help
15/01/2005 22:04 <REP> Identities
27/10/2004 19:03 <REP> Microsoft
15/01/2005 22:04 <REP> NFS Underground 2 Demo
15/01/2005 22:04 <REP> QubeSoft
15/01/2005 22:04 <REP> Wildtangent
15/01/2005 22:34 20 992 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
27/10/2004 19:03 135 fusioncache.dat
15/01/2005 22:34 45 112 GDIPFONTCACHEV1.DAT
3 fichier(s) 66 239 octets
9 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\LocalService\Application Data
02/01/2003 13:47 <REP> .
02/01/2003 13:47 <REP> ..
02/01/2003 13:47 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
02/01/2003 13:47 <REP> .
02/01/2003 13:47 <REP> ..
02/01/2003 13:47 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\NetworkService\Application Data
02/01/2003 13:47 <REP> .
02/01/2003 13:47 <REP> ..
02/01/2003 13:47 <REP> Microsoft
30/11/2004 16:28 <REP> Symantec
0 fichier(s) 0 octets
4 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
02/01/2003 13:47 <REP> .
02/01/2003 13:47 <REP> ..
13/08/2007 14:06 <REP> Apple
02/01/2003 13:47 <REP> Microsoft
0 fichier(s) 0 octets
4 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\Propriétaire\Application Data
07/08/2007 15:01 <REP> .
07/08/2007 15:01 <REP> ..
07/08/2007 15:01 <REP> SecondLife
0 fichier(s) 0 octets
3 Rép(s) 3 651 072 000 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\Propriétaire\Application Data
28/10/2004 02:34 <REP> .
28/10/2004 02:34 <REP> ..
02/01/2003 14:37 <REP> Adobe
27/06/2005 17:18 <REP> AdobeUM
03/12/2004 00:29 <REP> Aim
16/03/2006 15:53 <REP> Apple Computer
17/07/2005 16:41 <REP> ATI
11/12/2004 22:14 <REP> Azureus
04/01/2007 20:50 <REP> Beep Industries
22/02/2007 23:53 <REP> BitDownload
22/01/2005 00:35 <REP> Black Sea Studios
02/11/2004 13:30 <REP> Creative
13/09/2006 20:27 <REP> Download Manager
25/12/2006 16:42 <REP> FUJIFILM
28/04/2005 19:41 <REP> Gearbox Software
17/07/2005 19:13 <REP> Google
28/10/2004 13:36 <REP> Help
02/01/2003 13:47 <REP> Identities
01/03/2007 15:04 <REP> InstallShield
01/03/2007 15:05 <REP> InstallShield Installation Information
24/12/2004 00:21 <REP> InterVideo
02/12/2006 19:46 <REP> iWin
09/08/2006 20:33 <REP> La Bataille pour la Terre du Milieu ™ II
04/08/2007 20:20 <REP> LGSync
30/07/2007 19:45 <REP> Logitech
27/10/2004 18:12 <REP> Macromedia
21/03/2005 22:06 <REP> Media Player Classic
02/01/2003 13:47 <REP> Microsoft
02/12/2004 19:50 <REP> Microsoft Web Folders
09/05/2005 00:24 <REP> Mozilla
13/11/2004 21:15 <REP> MSN6
30/07/2007 19:38 <REP> Musicmatch
16/07/2005 13:51 <REP> NASA
12/10/2005 20:40 <REP> Nology
09/05/2005 00:24 <REP> Nvu
29/10/2004 19:16 <REP> Real
02/01/2003 14:44 <REP> SampleView
20/03/2007 05:58 <REP> Screenshot Sender
07/08/2007 15:00 <REP> SecondLife
13/08/2005 15:38 <REP> SecuROM
09/10/2006 02:06 <REP> Skype
02/01/2003 14:36 <REP> Sonic
02/06/2006 13:02 <REP> Sony
11/12/2006 00:56 <REP> SoundSpectrum
11/12/2004 22:01 <REP> Sun
22/02/2007 23:54 <REP> supporthopebase
01/01/2003 18:42 <REP> Symantec
28/08/2006 14:21 <REP> Talkback
25/06/2006 12:07 <REP> TaoUSign
06/10/2006 00:11 <REP> teamspeak2
27/10/2004 18:43 <REP> Template
06/06/2007 17:53 <REP> U3
27/12/2004 11:14 <REP> VERITAS
09/08/2006 11:24 <REP> WhenU
06/10/2005 18:28 <REP> Wildfire
01/11/2004 15:32 <REP> Zylom
02/01/2003 13:47 62 desktop.ini
08/11/2004 14:20 48 888 GDIPFONTCACHEV1.DAT
18/11/2004 20:06 60 sversion.ini
24/02/2007 16:30 8 192 user52.rdb
4 fichier(s) 57 202 octets
56 Rép(s) 3 651 067 904 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Documents and Settings\Propriétaire\Local Settings\Application Data
02/01/2003 13:47 <REP> .
02/01/2003 13:47 <REP> ..
27/06/2005 17:22 <REP> Adobe
08/08/2007 18:01 <REP> Apple
07/04/2006 17:49 <REP> Apple Computer
02/01/2003 15:01 <REP> ApplicationHistory
17/07/2005 16:41 <REP> ATI
08/06/2007 12:41 <REP> BVRP Software
01/07/2007 15:47 <REP> Downloaded Installations
04/04/2005 21:18 <REP> Freelancer
08/09/2006 03:30 <REP> Google
28/10/2004 13:36 <REP> Help
05/11/2004 22:05 <REP> Identities
02/01/2003 13:47 <REP> Microsoft
24/03/2007 17:36 <REP> Microsoft Help
11/06/2006 16:33 <REP> Mozilla
30/07/2007 19:38 <REP> Musicmatch
05/02/2005 17:45 <REP> NFS Underground 2
05/11/2004 18:38 <REP> NFS Underground 2 Demo
07/08/2006 12:03 <REP> Oblivion
01/07/2007 15:52 <REP> PC_Drivers_Headquarters
07/08/2007 13:09 <REP> PCHealth
24/11/2004 23:52 <REP> QubeSoft
15/07/2007 13:20 <REP> SM
13/09/2006 21:20 <REP> Stardock
03/12/2004 00:29 <REP> Wildtangent
16/03/2007 16:10 <REP> WMTools Downloaded Files
09/06/2007 02:04 <REP> Yahoo
29/10/2004 20:47 135 168 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
02/01/2003 15:03 135 fusioncache.dat
28/10/2004 11:48 93 632 GDIPFONTCACHEV1.DAT
02/10/2006 02:53 3 179 444 IconCache.db
4 fichier(s) 3 408 379 octets
28 Rép(s) 3 651 067 904 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
28/10/2004 02:32 <REP> .
28/10/2004 02:32 <REP> ..
02/01/2003 13:46 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 3 651 067 904 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
18/02/2005 20:57 <REP> .
18/02/2005 20:57 <REP> ..
0 fichier(s) 0 octets
2 Rép(s) 3 651 067 904 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task SYSTEM
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\At9.job
C:\WINDOWS\system32\MCu0803K.exe SYSTEM Créé par NetScheduleJobAdd.
C:\WINDOWS\Tasks\Connexion
Connexion inexploitable
C:\WINDOWS\Tasks\EFE880EF835B43F7.job
c:\docume~1\propri~1\applic~1\suppor~1\SoftAnteThat.exe Propriétaire
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\Program Files
01/09/2007 04:33 <REP> .
01/09/2007 04:33 <REP> ..
16/01/2005 21:32 114 770 .MNT
01/02/2005 22:49 <REP> _ArcadeDownloadFolder
15/09/2006 20:00 <REP> Acclaim
14/01/2006 08:30 <REP> Acoustica MP3 To Wave Converter PLUS
18/01/2005 20:35 <REP> Admanager Controller
23/04/2007 12:45 <REP> Adobe
12/05/2007 20:47 <REP> AGEIA Technologies
27/11/2004 08:40 <REP> Agfa
09/08/2006 12:32 <REP> Alwil Software
25/04/2007 23:00 <REP> Antipub
08/08/2007 18:01 <REP> Apple Software Update
17/07/2006 16:34 <REP> autres logiciel
14/01/2005 22:14 <REP> autres logiciels
13/08/2007 10:10 <REP> Avanquest update
13/05/2007 17:18 <REP> Bethesda Softworks
25/03/2005 22:14 <REP> BFG
10/08/2006 23:56 <REP> Big Kahuna Reef
24/02/2007 15:11 <REP> BitDownload
06/05/2005 19:37 <REP> Black Isle
02/05/2005 21:12 <REP> BoontyGames
05/04/2007 16:00 <REP> Casperlab Software
04/01/2007 20:56 <REP> Celestia
24/02/2005 21:43 <REP> Cimaware
20/08/2007 15:48 <REP> Codemasters
24/09/2006 21:58 <REP> common files
02/01/2003 13:42 <REP> ComPlus Applications
01/11/2004 22:18 <REP> Creative
25/09/2006 20:46 <REP> DaemonTools_WhenUSaveNow_Installer
22/03/2006 20:24 127 064 DeniaudJP.MNT
01/07/2006 09:41 114 770 DeniaudJPA.MNT
14/06/2005 23:53 <REP> dialers
04/07/2005 17:47 <REP> directx
11/01/2006 19:29 <REP> DJ Mix Pro
27/08/2006 23:52 <REP> Doom 3
10/08/2006 23:57 <REP> DVD X Player 4.0 Professionnel
01/09/2007 05:16 <REP> e-anim701
22/10/2006 21:21 <REP> Easy Internet signup
28/08/2006 18:12 <REP> eChanblard
22/10/2006 08:45 <REP> Electronic Arts
16/05/2005 19:57 <REP> eMule
24/06/2005 17:34 <REP> EndItAll
28/10/2004 23:32 <REP> EPSON
31/01/2005 21:12 <REP> ExternalIcons
16/03/2006 19:05 <REP> ffdshow
30/07/2007 19:35 <REP> Fichiers communs
09/10/2005 15:49 <REP> FilePlanet
27/02/2007 11:46 <REP> FinePixViewer
18/04/2006 20:04 <REP> Free Audio Pack
20/02/2005 03:50 <REP> Free.fr
18/08/2006 14:16 <REP> FreeGo
17/12/2004 21:11 <REP> FreeRAM
19/04/2007 03:58 <REP> FusionSoft DVD Player XP
16/09/2006 19:12 <REP> GameSpy Arcade
23/06/2007 01:13 <REP> Gimp
14/11/2004 20:10 <REP> GLOBEtrotter Software Inc
29/01/2007 09:48 <REP> Google
27/04/2005 04:20 <REP> GSC Game World
14/12/2004 20:03 369 halflife2_25735_hq.zip.FilePlanetCache
07/06/2005 23:13 <REP> ID Software
21/08/2007 15:42 <REP> IKEA HomePlanner
15/08/2005 19:19 122 INSTALL.LOG
19/04/2007 03:54 <REP> InterActual
16/07/2007 12:55 <REP> internet ad
25/09/2006 07:48 <REP> Internet Explorer
10/07/2007 13:03 <REP> IPACS
16/12/2004 23:08 <REP> ISOpen
02/04/2005 14:40 <REP> Itrdgxf
27/12/2006 14:54 <REP> Java
17/01/2005 17:55 <REP> Java Web Start
01/03/2007 15:05 <REP> jeux
28/02/2007 02:49 <REP> Jeux video
23/01/2005 15:31 <REP> Jeux vidéo
26/01/2005 19:45 <REP> JVTorrent
28/05/2007 10:15 <REP> Kodak
11/08/2006 00:01 <REP> Legend of Aladdin
04/08/2007 20:07 <REP> LG Electronics
04/08/2007 20:05 <REP> LGE GSM PC Sync
28/04/2007 13:00 <REP> LimeWire
30/07/2007 19:36 <REP> Logitech
25/12/2006 13:50 <REP> Look@LAN
11/08/2006 00:01 <REP> Loop12 V2
26/01/2006 19:41 <REP> LucasArts
25/09/2005 15:35 <REP> Luxor
05/02/2007 17:05 <REP> Magic Vines
17/12/2004 18:13 <REP> Managed DirectX (0900)
25/05/2005 19:50 <REP> Media Access
02/04/2005 14:40 <REP> Media Pass
21/03/2005 22:06 <REP> Media Player Classic
06/04/2005 19:39 <REP> Merscom
19/04/2005 18:16 <REP> Messenger
12/06/2007 03:12 <REP> Messenger Plus! Live
07/06/2006 11:10 <REP> microsoft frontpage
04/04/2005 19:33 <REP> Microsoft Games
26/07/2007 22:18 <REP> Microsoft LifeCam
24/03/2007 17:43 <REP> Microsoft Office
01/01/2003 19:21 <REP> Microsoft Visual Studio
24/03/2007 17:44 <REP> Microsoft Works
07/04/2005 18:53 <REP> Mindscape
07/11/2004 02:32 57 605 313 moh_pacific_assault_mpdemo.exe.FilePlanetCache
27/06/2005 23:16 <REP> Morrowind
27/06/2005 23:16 239 Morrowind.ini
15/11/2004 20:52 455 463 677 mov_spdemo_gsi.exe
16/03/2007 15:58 <REP> Movie Maker
10/01/2006 01:38 <REP> MP3 Wave Maker
02/01/2003 13:41 <REP> MSN
02/01/2003 13:41 <REP> MSN Gaming Zone
04/07/2007 13:50 <REP> MSN Messenger
11/08/2006 00:15 <REP> MSXML 4.0
22/02/2007 23:12 <REP> Multi_Media_France
10/01/2006 01:31 <REP> Music Mixer 3.0
30/07/2007 19:38 <REP> MUSICMATCH
24/12/2004 00:49 <REP> MUSK Codec Pack v5
16/07/2005 13:47 <REP> NASA
06/06/2006 13:21 <REP> Netlor Studio
25/06/2005 11:26 501 Netlor StudioStyleView.sps
13/04/2005 18:47 <REP> NetMeeting
20/08/2007 02:44 <REP> Nobilis
09/08/2006 12:29 <REP> Norton AntiVirus
18/02/2005 20:54 <REP> Norton Personal Firewall
11/08/2006 00:09 <REP> Nvu
25/09/2006 07:48 <REP> Outlook Express
26/02/2007 10:22 <REP> Panicware
16/12/2006 09:56 <REP> Picasa2
25/12/2006 16:51 <REP> PIXELA
05/03/2007 03:39 <REP> Playlogic
24/06/2006 18:01 <REP> PopCap Games
25/05/2005 19:50 <REP> Preview AdService
27/06/2005 23:16 57 ProgramFlow.txt
01/02/2005 22:52 <REP> Real
08/03/2005 12:25 <REP> RecordNow
10/08/2006 23:56 <REP> Reflexive
02/04/2005 14:03 <REP> ReflexiveArcade
25/12/2006 16:40 <REP> REGSHAVE
17/01/2006 18:57 <REP> Samsung
04/08/2005 23:54 <REP> ScreenMates
07/08/2007 15:00 <REP> SecondLife
02/01/2003 14:51 <REP> Services en ligne
24/12/2004 00:49 <REP> SLD Codec Pack
26/01/2006 20:04 <REP> SlySoft
15/07/2007 13:20 <REP> SM
13/04/2005 19:59 <REP> Smart Projects
11/08/2006 00:14 <REP> Sony
02/06/2006 12:54 <REP> Sony Setup
18/08/2007 04:15 <REP> SoundSpectrum
30/12/2006 00:43 <REP> SpeedFan
18/05/2007 22:40 <REP> Spybot - Search & Destroy
03/08/2007 11:22 <REP> supporthopebase
11/08/2006 00:16 <REP> TallStick
30/07/2007 20:40 <REP> Teamspeak2_RC2
02/06/2005 11:13 <REP> temp
02/06/2005 01:23 <REP> The Adventure Company
29/08/2005 19:47 <REP> The Bitmap Brothers
16/03/2006 19:12 <REP> Think Tanks
15/01/2005 15:11 <REP> THQ
24/12/2004 03:55 <REP> Tilted Mill
12/05/2007 19:44 <REP> Timeline Interactive
02/04/2007 21:23 <REP> TSO
13/05/2007 17:33 <REP> Ubi Soft
01/03/2007 14:23 <REP> Ubisoft
08/03/2006 21:37 <REP> VCW VicMan's Photo Editor
14/02/2005 01:07 <REP> VectorWorks 11
03/12/2004 00:29 <REP> Viewpoint
23/12/2004 20:56 <REP> Visiosonic
26/08/2006 19:44 <REP> VUGames
16/03/2006 19:12 <REP> Warblade
02/06/2005 01:18 <REP> Warcraft III
27/06/2005 23:16 47 Warnings.txt
17/11/2004 18:14 <REP> WexTech
03/12/2004 01:00 <REP> WildTangent
02/09/2006 14:56 <REP> Windows Journal Viewer
04/07/2007 13:48 <REP> Windows Live
11/12/2006 00:08 <REP> Windows Media Connect 2
11/12/2006 00:08 <REP> Windows Media Player
20/01/2005 21:58 <REP> Windows NT
21/01/2006 19:36 <REP> WinLemm
29/12/2006 14:11 <REP> WinPcap
10/04/2005 19:22 <REP> WinRAR
30/07/2007 03:09 <REP> WowCartographe
02/01/2003 13:45 <REP> xerox
09/06/2007 02:04 <REP> Yahoo!
12/01/2006 02:59 <REP> YoGen
29/04/2006 09:44 <REP> ZUM
28/07/2007 13:10 <REP> Zylom Games
11 fichier(s) 513 426 929 octets
174 Rép(s) 3 651 043 328 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
*.zylomgames.com REG_BINARY 00000000
www.choc.fr REG_BINARY
*.zylom.com REG_BINARY
netsearchsoft.com REG_SZ
www.netsearchsoft.com REG_SZ
netbios-wait.com REG_SZ
www.netbios-wait.com REG_SZ
*.starsdoor.com REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://search.msn.fr/spbasic.htm
* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Dvd Warn REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dvd Warn]
command REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave]
command REG_SZ C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Inter bags.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\winstopfunkproc]
command REG_SZ C:\Documents and Settings\All Users\Application Data\webnurbwinstop\Sixth glue.exe
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est D08C-E367
Répertoire de C:\WINDOWS
16/01/2005 15:49 661 update65.htm
1 fichier(s) 661 octets
0 Rép(s) 3 651 047 424 octets libres
*************** Fin du rapport ****************
Hello
$$ Run HijackThis again and check the lines below:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: {A20CC53E-61FE-4788-85FF-A0F9C9B4C2A9} - {93989C8B-BD5F-4783-A470-EB07F08E83C7} - C:\WINDOWS\system32\winapic32.dll (file missing)
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll (file missing)
O2 - BHO: {92E1B3F7-0546-421E-9835-904D25B7BA66} - {C4F147D7-BF25-488E-A12B-EFD43E7029BF} - C:\WINDOWS\system32\winvbie.dll (file missing)
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Inter bags.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Dvd Warn] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Bluetooth\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Bluetooth\btsendto_ie.htm (file missing)
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1350d7 [...] 601_fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylomgames.com/activ [...] player.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN [...] uncher.cab
O18 - Protocol: bw+0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1437E789-891D-45C7-9931-0466EFBFEBC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
Close all Windows, Internet Explorer and Outlook windows, except the HijackThis program, and click "Fix checked".
$$ Download CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it.
During installation, uncheck
--- the two "Add the option ..." boxes
--- Check for updates
--- Add the Yahoo! CCleaner Toolbar
Click Options, Advanced and uncheck the box "Only delete files in Windows Temp folders older than 48 hours".
Do not touch the other settings.
Run the cleanup.
$$ Download OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.c [...] MoveIt.exe
Double-click OTMoveIt.exe to run it.
Copy the list below and paste it into the left-hand pane of OTMoveIt, "Paste List of Files/Folders to be moved".
C:\Documents and Settings\All Users\Application Data\flag ace stupid data
C:\Documents and Settings\All Users\Application Data\Two Idol Wave Flag
C:\Documents and Settings\All Users\Application Data\webnurbwinstop
C:\Documents and Settings\Propriétaire\Application Data\BitDownload
C:\Documents and Settings\Propriétaire\Application Data\supporthopebase
C:\Documents and Settings\Propriétaire\Application Data\WhenU
C:\WINDOWS\system32\MCu0803K.exe
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
C:\WINDOWS\Tasks\EFE880EF835B43F7.job
C:\Program Files\BitDownload
C:\Program Files\DaemonTools_WhenUSaveNow_Installer
C:\Program Files\Media Access
C:\Program Files\Multi_Media_France
C:\Program Files\Preview AdService
C:\Program Files\supporthopebase
Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
Post the report located in C:\_OTMoveIt\MovedFiles together with a new HijackThis log.
Hello,
Here are the requested reports, first the one from Move-it:
Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\flag ace stupid data scheduled to be deleted on reboot.
C:\Documents and Settings\All Users\Application Data\Two Idol Wave Flag moved successfully.
C:\Documents and Settings\All Users\Application Data\webnurbwinstop moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\TmpDir moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\LgDir moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\DataDir moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\BackUp\LgDir moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\BackUp\DataDir moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data\BackUp moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload\Data moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\BitDownload moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\supporthopebase moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\WhenU moved successfully.
C:\WINDOWS\system32\MCu0803K.exe moved successfully.
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At10.job moved successfully.
C:\WINDOWS\Tasks\At11.job moved successfully.
C:\WINDOWS\Tasks\At12.job moved successfully.
C:\WINDOWS\Tasks\At13.job moved successfully.
C:\WINDOWS\Tasks\At14.job moved successfully.
C:\WINDOWS\Tasks\At15.job moved successfully.
C:\WINDOWS\Tasks\At16.job moved successfully.
C:\WINDOWS\Tasks\At17.job moved successfully.
C:\WINDOWS\Tasks\At18.job moved successfully.
C:\WINDOWS\Tasks\At19.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At20.job moved successfully.
C:\WINDOWS\Tasks\At21.job moved successfully.
C:\WINDOWS\Tasks\At22.job moved successfully.
C:\WINDOWS\Tasks\At23.job moved successfully.
C:\WINDOWS\Tasks\At24.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
C:\WINDOWS\Tasks\At5.job moved successfully.
C:\WINDOWS\Tasks\At6.job moved successfully.
C:\WINDOWS\Tasks\At7.job moved successfully.
C:\WINDOWS\Tasks\At8.job moved successfully.
C:\WINDOWS\Tasks\At9.job moved successfully.
C:\WINDOWS\Tasks\EFE880EF835B43F7.job moved successfully.
C:\Program Files\BitDownload\ZM moved successfully.
C:\Program Files\BitDownload\Support moved successfully.
C:\Program Files\BitDownload\Skins moved successfully.
C:\Program Files\BitDownload moved successfully.
C:\Program Files\DaemonTools_WhenUSaveNow_Installer moved successfully.
C:\Program Files\Media Access moved successfully.
C:\Program Files\Multi_Media_France\RadioPlayer moved successfully.
C:\Program Files\Multi_Media_France moved successfully.
C:\Program Files\Preview AdService moved successfully.
C:\Program Files\supporthopebase moved successfully.
Created on 09/06/2007 04:28:44
And next the one from Hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:37:00, on 06/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SM\skymessnet.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
D:\Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Propriétaire\Bureau\divers ANTHONY\Reste disque D pour place pour STEAM\Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Rar$EX00.454\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/y [...] .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Dvd Warn] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O8 - Extra context menu item: Send To &Bluetooth - D:\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - D:\Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: AVCore (SrvMain) - Unknown owner - C:\Documents and Settings\All Users\Application Data\avservice.exe (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 5827 bytes
Thank you very much for this little procedure, which I would not have managed on my own.
I am going to browse the web to see whether it continues, and I will keep you posted. Unless something slipped through the net, in which case I'll leave it to you to let me know.
And thanks again for what you do...
Hello
Run HijackThis again and fix this line.
O4 - HKCU\..\Run: [Dvd Warn] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
Run an online antivirus scan with Kaspersky
http://webscanner.kaspersky.fr/
Click Start Online Scanner.
Select My Computer as the scan target.
Paste its report here.
Use this link for help.
http://www.infos-du-net.com/forum/ [...] -kaspersky
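An added example, not part of the thread and not code from HijackThis or OTMoveIt: a small Python check that compares an OTMoveIt report with a follow-up HijackThis log and lists the O4 startup entries whose target still points into a folder the report says was moved. The sample input is a few lines copied from the two reports posted above; the function names and the 8.3 short-name matching are assumptions of this example, and the short-name matching is a heuristic.

```python
import re

# Constructed sample input: lines copied from the two reports posted in this thread.
MOVED_REPORT = r"""
Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\flag ace stupid data scheduled to be deleted on reboot.
C:\Documents and Settings\Propriétaire\Application Data\supporthopebase moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\WhenU moved successfully.
C:\Program Files\BitDownload moved successfully.
"""
HIJACK_LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Dvd Warn] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPPOR~1\datelicense.exe
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
"""
SUFFIX = " moved successfully."

def moved_paths(report):
    """Paths the OTMoveIt report lists as moved (failed or pending lines are skipped)."""
    return [l[:-len(SUFFIX)] for l in report.splitlines() if l.endswith(SUFFIX)]

def component_matches(long_name, name):
    """True if `name` is `long_name` or looks like its 8.3 alias (heuristic)."""
    if name.lower() == long_name.lower():
        return True
    alias = re.fullmatch(r"([^~]{1,6})~\d+", name)
    # 8.3 aliases drop spaces and keep the leading characters in upper case.
    # Hash-based aliases (used after several collisions) are not recognised.
    stem = long_name.replace(" ", "").upper()
    return bool(alias) and stem.startswith(alias.group(1).upper())

def path_under(path, root):
    """True if `path` is `root` or lies below it, compared component by component."""
    p, r = path.split("\\"), root.split("\\")
    return len(p) >= len(r) and all(component_matches(rc, pc) for rc, pc in zip(r, p))

def dangling_autoruns(hijack_log, report):
    """O4 (startup) lines whose target sits inside a folder that was moved."""
    roots = moved_paths(report)
    hits = []
    for line in hijack_log.splitlines():
        m = re.match(r"O4 - .*?([A-Za-z]:\\.*)$", line)  # from first drive letter
        if m and any(path_under(m.group(1), root) for root in roots):
            hits.append(line)
    return hits

if __name__ == "__main__":
    for line in dangling_autoruns(HIJACK_LOG, MOVED_REPORT):
        print("still registered:", line)
```

On the sample input it returns only the `[Dvd Warn]` entry, whose short-name path resolves into the moved `supporthopebase` folder.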
