bonjour, besoin d'aide trojan !!! [résolu]

Bonjour,

Merci d'expliquer votre problème.

Télécharge SmitfraudFix (de S!ri)
Enregistre le sur ton bureau.

Lance-le en double cliquant sur SmitfraudFix.exe
Appuie sur une touche comme demandé.
Exécute l’option 1, un rapport va apparaître, poste le .

Bonjour,

merci

mon problème est que je suis envahie de pub intempestives et qu'avast m'a signalé une invasion de trojan.


voici le rapport de Smitfraudix

SmitFraudFix v2.253

Rapport fait à 18:59:40,64, 18/11/2007
Executé à partir de C:\Documents and Settings\mylene\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system32\mjbdit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\privacy_danger PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mylene


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mylene\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\mylene\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\RichVideoCodec\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Re,

Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\
Relance SmitfraudFix.
Prends cette fois l’option 2. (Oui à toutes les questions)

Si tu dois redémarrer, ton ordi fais-le .
Poste le rapport qui se situe dans C:\rapport.txt .
Ainsi qu’un nouveau rapport HiJackThis.

SmitFraudFix v2.253

Rapport fait à 20:30:54,51, 18/11/2007
Executé à partir de C:\Documents and Settings\mylene\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\privacy_danger\ supprimé
C:\Program Files\RichVideoCodec\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CEF0473A-BBEC-4422-B7CE-BE9C5F3E7831}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Il manque le rapport SmitfraudFix.

Logfile of HijackThis v1.99.1
Scan saved at 20:32:25, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX00.078\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {1658DABA-FC4C-46C6-BC48-246CFEA0C436} - C:\WINDOWS\oprevgkx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [mjbdit] c:\windows\system32\mjbdit.exe mjbdit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: bw+0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: nopctrl - {20C36835-D3F4-449A-818E-448B8E07A549} - C:\WINDOWS\nopctrl.dll (file missing)
O21 - SSODL: ddkret - {1CA61117-16C9-47BA-B613-240BC2BD6151} - C:\WINDOWS\ddkret.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Bien, on va voir si SDFix trouve quelque chose, sinon on supprimera le reste à la main.

Télécharge SDFix (d’Andy Manchesta)

Enregistre le sur ton le bureau.

Lance le.
Fais install afin qu’il puisse s’extraire.

Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Lance SDFix.
Double clique sur RunThis.bat .
Appuie sur Y pour le lancer.

Il te sera demandé d'appuyer sur une touche pour redemarrer , fais le
Il est probable que le redémarrage soit un peu plus long que d’habitude.
Une fois l’apparition de ton Bureau, il affichera Finished

Appuie sur une touche.

Un rapport est généré , poste le dans ta réponse.
Il se trouve également. dans le dossier SDFix >Report.txt<

SDFix: Version 1.114

Run by mylene on 18/11/2007 at 21:02

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\mylene\Bureau\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\bonsws.dll - Deleted
C:\WINDOWS\dat.txt - Deleted
C:\WINDOWS\ddkret.dll - Deleted
C:\WINDOWS\rs.txt - Deleted
C:\WINDOWS\sawkip.exe - Deleted
C:\WINDOWS\search_res.txt - Deleted
C:\WINDOWS\OPREVGKX.DLL - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-18 21:06:47
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\LIVECOM.EXE"="C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\LIVECOM.EXE:*:Enabled:Livecom"
"C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\..\\EconfV4\\ftplayer.exe"="C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\..\\EconfV4\\ftplayer.exe:*:Enabled:Livecom Media"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Livecom\\Application\\eConfv4\\livecomp.exe"="C:\\Program Files\\Livecom\\Application\\eConfv4\\livecomp.exe:*:Enabled:Livecom Player"
"C:\\Program Files\\p2pnetworks\\p2pnetworks.exe"="C:\\Program Files\\p2pnetworks\\p2pnetworks.exe:*:Enabled 2PNetworks"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe"="C:\\Program Files\\Securitoo\\Av_Fw\\backweb\\8520111\\Program\\fspex.exe:*:Enabled:Securitoo Antivirus Firewall"
"C:\\Program Files\\eMule2\\eMule.exe"="C:\\Program Files\\eMule2\\eMule.exe:*:Enabled:eMule Plus"
"C:\\Program Files\\lphant\\eLePhantClient.exe"="C:\\Program Files\\lphant\\eLePhantClient.exe:*:Enabled:lphant Client"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\tvants\\Tvants.exe"="C:\\Program Files\\tvants\\Tvants.exe:*:Enabled:TVAnts"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Player Video StarAcademy Orange\\starac06.exe"="C:\\Program Files\\Player Video StarAcademy Orange\\starac06.exe:*:Enabled neClick"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:* isabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:* isabled:Azureus"
"C:\\Program Files\\eMule2\\Config\\eMule\\emule.exe"="C:\\Program Files\\eMule2\\Config\\eMule\\emule.exe:* isabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"E:\\All\\Inventel\\RGWRepair.exe"="E:\\All\\Inventel\\RGWRepair.exe:* isabled:RGWRepair"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\LIVECOM.EXE"="C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\LIVECOM.EXE:*:Enabled:Livecom"
"C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\..\\EconfV4\\ftplayer.exe"="C:\\PROGRA~1\\LIVECOM\\APPLIC~1\\EXE\\..\\EconfV4\\ftplayer.exe:*:Enabled:Livecom Media"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files:
---------------

File Backups: - C:\DOCUME~1\mylene\Bureau\SDFix\backups\backups.zip

Files with Hidden Attributes:

Mon 17 Oct 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Mon 17 Oct 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Mon 17 Oct 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Mon 17 Oct 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Mon 17 Oct 2005 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Wed 5 Jul 2006 1,890 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 5 Jul 2006 56 ..SHR --- "C:\WINDOWS\system32\603B9A6962.sys"
Wed 4 Apr 2007 8 ..SHR --- "C:\WINDOWS\system32\349573FCF9.dll"
Sun 15 Jan 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 1 Feb 2006 15,032,036 A..HR --- "C:\Documents and Settings\guillaume\Bureau\klcodec268f.exe"
Thu 1 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\388e66e644283db0233c4a98f2fd08a0\BIT3.tmp"
Thu 1 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT4.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\493c50fe9f23ee81559d491f3f423dc0\BIT137.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6658f544763a012c23109e05e811db81\BIT138.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b79817f6eaff5d013a81bd2aff4f2954\BIT139.tmp"
Tue 2 Oct 2007 12,396,400 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d87fb8947e75ca18dc081689c7a9b0bf\BIT13A.tmp"
Tue 2 Oct 2007 4,830,072 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\be055ba2b2ed973399d61482c6723317\BIT13B.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a1feda554f795971fda237333f75243f\BIT13C.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\64e594df5de9258be376fcbfc53c7318\BIT13D.tmp"
Tue 5 Jun 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 13 Oct 2007 330,086 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E8.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT405.tmp"
Sat 13 Oct 2007 330,086 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3D9.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DA.tmp"
Sat 13 Oct 2007 320,978 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DB.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITF.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DC.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DD.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DE.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3DF.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E0.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E1.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3EA.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3EB.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E2.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E3.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E4.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E5.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E6.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E7.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT70.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3EC.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3ED.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E9.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3EE.tmp"
Sat 17 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3EF.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3F1.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3F2.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3F6.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3F9.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3FC.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3FD.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3FE.tmp"
Sat 17 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3FF.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT400.tmp"
Sat 17 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT401.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT402.tmp"
Sat 13 Oct 2007 330,086 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3D8.tmp"
Wed 8 Aug 2007 85,946 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT41E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT1.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITB.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITC.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT4A0.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITE.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT12.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT10.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT15.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT16.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT1C.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT14.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT25.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT19.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT22.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT2C.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT27.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT29.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT2A.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3C.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT31.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT2E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT34.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT38.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT4B.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT49.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT42.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT57.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT52.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT4F.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT53.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT56.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5F.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT59.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT62.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT67.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT69.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6B.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6F.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT71.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9F.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT7.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT8.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT11.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT13.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT1D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITA.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITD.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT1A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT23.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT26.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT2D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT39.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT37.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT44.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT45.tmp"
Wed 8 Aug 2007 85,946 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3B.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT50.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT4A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT54.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT60.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT58.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5B.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT5C.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT6C.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT63.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT64.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT72.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT7A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT76.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT7B.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT74.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT84.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT82.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT85.tmp"
Sun 18 Nov 2007 85,946 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT91.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT7D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT89.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT93.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9C.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT8F.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT96.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9A.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9B.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9D.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BIT9E.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\guillaume\Local Settings\Temp\BITA0.tmp"
Sun 18 Nov 2007 388,090 A..H. --- "C:\Documents and Settings\mylene\Local Settings\Temp\BIT94.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\mylene\Local Settings\Temp\BITAF.tmp"
Sun 18 Nov 2007 0 A..H. --- "C:\Documents and Settings\mylene\Local Settings\Temp\BITB3.tmp"
Sat 13 Nov 2004 37,376 ...H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe"
Fri 19 May 2006 20 A..H. --- "C:\Documents and Settings\mylene\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sun 15 Jan 2006 4,348 ...H. --- "C:\Documents and Settings\mylene\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sun 15 Jan 2006 400 A.SH. --- "C:\Documents and Settings\mylene\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Fri 19 Oct 2007 4,507,648 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3722.tmp"
Fri 19 Oct 2007 15,550,464 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3272.tmp"
Fri 19 Oct 2007 17,647,104 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL2267.tmp"
Fri 19 Oct 2007 18,681,344 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL0652.tmp"
Fri 19 Oct 2007 23,072,256 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3510.tmp"
Sat 20 Oct 2007 27,121,152 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3018.tmp"
Sat 20 Oct 2007 30,028,288 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL2531.tmp"
Sat 20 Oct 2007 33,121,792 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3976.tmp"
Sat 20 Oct 2007 36,137,984 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL0496.tmp"
Sat 20 Oct 2007 41,853,440 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3010.tmp"
Sat 20 Oct 2007 45,192,192 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL3628.tmp"
Sat 20 Oct 2007 50,711,040 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL0758.tmp"
Sat 20 Oct 2007 56,589,824 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL0617.tmp"
Sat 20 Oct 2007 60,751,360 ...H. --- "C:\Documents and Settings\mylene\Mes documents\ANIMALERIE\D‚fil‚ de mode 2007\~WRL1729.tmp"

Finished!

Reposte un Hijackthis.

en mode sans echec ou comme ça ?

Normalement  

Logfile of HijackThis v1.99.1
Scan saved at 22:12:50, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX00.390\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {1658DABA-FC4C-46C6-BC48-246CFEA0C436} - C:\WINDOWS\oprevgkx.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: bw+0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Mieux ?

Télécharge sur ton bureau : Clean (de Malekal)
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.
Le rapport se trouve ici : C:\rapport_clean.txt
Tuto

Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.

++++++++++++

Désinstalle avast, redémarre et supprime ~~>C:\Program Files\Alwil Software

Télécharge ccleaner (>>tuto à lire !<<), tu download «the latest version » puis installe le en décochant - Ajouter la Barre d'Outils Yahoo! CCleaner
Puis lance le nettoyage, puis fais chercher des erreurs et sauvegardes si tu le souhaites.

Télécharge et installe Antivir. (tuto)
Pourquoi changer ? Avast vs Antivir
Vérifie qu’il soit bien à jour ! Fais une analyse complète, poste le rapport.

18/11/2007 a 22:36:34,64

*** Recherche des fichiers dans C:
C:\StubInstaller.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\check.exe FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\installer2.dll" FOUND
"C:\Documents and Settings\mylene\Application Data\ShopperReports\" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\WhenU\" FOUND
"C:\Program Files\Adverts\" FOUND
"C:\Program Files\BitDownload" FOUND
"C:\Program Files\Masta\" FOUND
"C:\Program Files\MediaPipe\" FOUND
"C:\Program Files\p2pnetworks\" FOUND
"C:\Program Files\Save\" FOUND
*** Fin du rapport !

18.11.2007 23:31:27 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:31:27 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
18.11.2007 23:31:27 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\
18.11.2007 23:31:27 - Start the Update GUI... Displaymode: 0

18.11.2007 23:31:27 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:31:27 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
18.11.2007 23:31:27 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\
18.11.2007 23:31:27 - Start the Update GUI... Displaymode: 0

18.11.2007 23:31:30 - Keyfile: OK [FULL Mode]

18.11.2007 23:31:30 - Avira AntiVir PersonalEdition Classic

18.11.2007 23:31:32 - Master IDX file has changed
18.11.2007 23:31:37 - Keyfile: OK [FULL Mode]

18.11.2007 23:31:38 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/classic-nt-en.info.gz
18.11.2007 23:31:39 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:31:39 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/vdf.info.gz
18.11.2007 23:31:41 - Keyfile: OK [FULL Mode]

18.11.2007 23:31:41 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/specvir-nt.info.gz
18.11.2007 23:31:42 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/engine.info.gz
18.11.2007 23:31:42 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/engine-nt-en.info.gz
18.11.2007 23:31:44 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
18.11.2007 23:31:44 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll 1.2.10.20 < 1.2.10.21
18.11.2007 23:31:44 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
18.11.2007 23:31:44 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe 7.2.0.13 < 7.2.0.16
18.11.2007 23:31:44 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 7.0.0.81 < 7.0.0.82
18.11.2007 23:31:44 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccguard.dll 7.0.1.34 < 7.0.1.35
18.11.2007 23:31:44 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe 7.0.0.34 < 7.0.0.35
18.11.2007 23:31:44 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
18.11.2007 23:31:44 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
18.11.2007 23:31:45 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
18.11.2007 23:31:45 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.0.1 < 7.0.0.198
18.11.2007 23:31:45 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.0.2 < 7.0.0.227
18.11.2007 23:31:45 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
18.11.2007 23:31:45 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
18.11.2007 23:31:45 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll 7.6.0.15 < 7.6.0.34
18.11.2007 23:31:45 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
18.11.2007 23:31:45 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
18.11.2007 23:31:45 - C:\WINDOWS\SYSTEM32\drivers\avipbb.sys 1.0.2.11 < 1.0.2.13
18.11.2007 23:31:45 - Minifilter is installed

18.11.2007 23:31:45 - Minifilter is possible

18.11.2007 23:31:45 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

18.11.2007 23:31:45 - Initialize avnotify.exe

18.11.2007 23:31:45 - Starting avnotify.exe successful

18.11.2007 23:31:45 - Preparing to download files
18.11.2007 23:31:45 - 10 files need to be downloaded / copied from http://dl4.avgate.net/upd/
18.11.2007 23:31:45 - #1: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/updlib.dll... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/updlib.dll
18.11.2007 23:31:47 - #2: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/avgnt.exe.... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/avgnt.exe
18.11.2007 23:31:48 - #3: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/avguard.ex... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/avguard.exe
18.11.2007 23:31:50 - #4: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/ccguard.dl... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/ccguard.dll
18.11.2007 23:31:51 - #5: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/preupd.exe... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/preupd.exe
18.11.2007 23:31:52 - #6: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/addr_file.... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/addr_file.html
18.11.2007 23:31:53 - #7: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\vdf\antivir2.vdf
18.11.2007 23:32:07 - #8: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\vdf\antivir3.vdf
18.11.2007 23:32:09 - #9: Downloading and extracting http://dl4.avgate.net/upd/engine/avewin32.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\engine\avewin32.dll
18.11.2007 23:32:23 - #10: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/basic-nt/avipbb.sys... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/avipbb.sys
18.11.2007 23:32:30 - Service AVEService is not installed

18.11.2007 23:32:30 - Service AntiVirMailService is not installed

18.11.2007 23:32:30 - Initialize fwinst.exe

18.11.2007 23:32:30 - Initialize fwinst.exe

18.11.2007 23:32:30 - Service AntiVirFirewallService is not installed

18.11.2007 23:32:30 - Service antivirwebservice is not installed

18.11.2007 23:32:30 - Status of service AntiVirService is running

18.11.2007 23:32:30 - Initialize avgnt.exe

18.11.2007 23:32:30 - Status of service AntiVirScheduler is running

18.11.2007 23:32:30 - Minifilter is installed

18.11.2007 23:32:30 - Minifilter is possible

18.11.2007 23:32:30 - Initialize avscan.exe

18.11.2007 23:32:30 - Initialize avconfig.cpl

18.11.2007 23:32:30 - Initialize avcenter.exe

18.11.2007 23:32:30 - shell extension is installed

18.11.2007 23:32:30 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

18.11.2007 23:32:30 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

18.11.2007 23:32:30 - Service AVEService is not installed

18.11.2007 23:32:30 - Service AntiVirMailService is not installed

18.11.2007 23:32:30 - Initialize fwinst.exe

18.11.2007 23:32:30 - Initialize fwinst.exe

18.11.2007 23:32:30 - Service AntiVirFirewallService is not installed

18.11.2007 23:32:30 - shell extension is installed

18.11.2007 23:32:30 - Initialize regsvr32.exe

18.11.2007 23:32:30 - shell extension removed successfully

18.11.2007 23:32:30 - avgnt.exe closed.

18.11.2007 23:32:30 - Status of service AntiVirScheduler is running

18.11.2007 23:32:30 - Service AntiVirScheduler successfully stopped

18.11.2007 23:32:30 - Status of service AntiVirService is running

18.11.2007 23:32:32 - Service AntiVirService successfully stopped

18.11.2007 23:32:32 - Starting to install
18.11.2007 23:32:32 - Processing module SELFUPDATE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:32 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\SelfUpdateTemp\update.exe --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}".Self Update helper
18.11.2007 23:32:33 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:33 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
18.11.2007 23:32:33 - Temp Directory: C:\WINDOWS\TEMP\Update_Temp\
18.11.2007 23:32:33 - Avira AntiVir PersonalEdition Classic

18.11.2007 23:32:33 - Self update: Copying file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt/updlib.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
18.11.2007 23:32:33 - Executing original update application
18.11.2007 23:32:33 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe --config-file="C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\update.conf" --install-path="C:\Program Files\Avira\AntiVir PersonalEdition Classic" --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}" --NoSelfUpdate "--TmpDir=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f" "--LogFile=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\Upd-2007-11-18-23-31-27.log" "--TmpFilesList=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\ToRemove.txt".Executing original update application
18.11.2007 23:32:33 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:33 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
18.11.2007 23:32:33 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\
18.11.2007 23:32:33 - Start the Update GUI... Displaymode: 0

18.11.2007 23:32:33 - Avira AntiVir PersonalEdition Classic

18.11.2007 23:32:33 - Master IDX file has changed
18.11.2007 23:32:33 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
18.11.2007 23:32:33 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/vdf.info.gz
18.11.2007 23:32:33 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/specvir-nt.info.gz
18.11.2007 23:32:33 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/engine.info.gz
18.11.2007 23:32:33 - Downloading the product.info file from http://dl7.avgate.net/upd/idx/engine-nt-en.info.gz
18.11.2007 23:32:33 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
18.11.2007 23:32:33 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
18.11.2007 23:32:33 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
18.11.2007 23:32:33 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
18.11.2007 23:32:33 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
18.11.2007 23:32:33 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
18.11.2007 23:32:33 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
18.11.2007 23:32:33 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
18.11.2007 23:32:33 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
18.11.2007 23:32:33 - Minifilter is installed

18.11.2007 23:32:33 - Minifilter is possible

18.11.2007 23:32:33 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

18.11.2007 23:32:33 - Preparing to download files
18.11.2007 23:32:33 - 9 files need to be downloaded / copied from http://dl7.avgate.net/upd/
18.11.2007 23:32:33 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\avgnt.exe.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\avguard.exe.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\ccguard.dll.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\preupd.exe.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\addr_file.html.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\vdf\antivir2.vdf.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\vdf\antivir3.vdf.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\engine\avewin32.dll.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\basic-nt\avipbb.sys.gz already exists in temporary folder and it will not be downloaded again
18.11.2007 23:32:34 - Starting to install
18.11.2007 23:32:34 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:34 - File C:\Documents and Settings\All Users\Application Data\addr_file.html will not be backed up because it doesn't exist
18.11.2007 23:32:34 - Processing module COMMAPPDATA Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\
18.11.2007 23:32:34 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:34 - Processing module ENGINE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
18.11.2007 23:32:34 - Processing module DRV Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4740bd3f\winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\
18.11.2007 23:32:34 - A total of 9 files were updated
18.11.2007 23:32:34 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

18.11.2007 23:32:34 - Service AVEService is not installed

18.11.2007 23:32:34 - Service AntiVirMailService is not installed

18.11.2007 23:32:34 - Initialize fwinst.exe

18.11.2007 23:32:34 - Initialize fwinst.exe

18.11.2007 23:32:34 - Service AntiVirFirewallService is not installed

18.11.2007 23:32:34 - Service antivirwebservice is not installed

18.11.2007 23:32:34 - Status of service AntiVirService is stopped

18.11.2007 23:32:34 - Initialize avgnt.exe

18.11.2007 23:32:34 - Status of service AntiVirScheduler is stopped

18.11.2007 23:32:34 - Minifilter is installed

18.11.2007 23:32:34 - Minifilter is possible

18.11.2007 23:32:34 - Initialize avscan.exe

18.11.2007 23:32:34 - Initialize avconfig.cpl

18.11.2007 23:32:34 - Initialize avcenter.exe

18.11.2007 23:32:34 - shell extension is installed

18.11.2007 23:32:34 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

18.11.2007 23:32:34 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

18.11.2007 23:32:38 - Service AntiVirService successfully started

18.11.2007 23:32:38 - Starting avgnt.exe successful

18.11.2007 23:32:39 - Service AntiVirScheduler successfully started

18.11.2007 23:32:39 - shell extension is installed

18.11.2007 23:32:39 - Initialize regsvr32.exe

18.11.2007 23:32:40 - installation of shell extension successful

18.11.2007 23:32:40 - Cannot start the service antivirwebservice

18.11.2007 23:32:40 - Dialup: 0

18.11.2007 23:32:40 - Downloaded bytes: 2981586

18.11.2007 23:32:40 - Downloaded file(s): 10

18.11.2007 23:32:40 - Downloaded file(s): updlib.dll; avgnt.exe; avguard.exe; ccguard.dll; preupd.exe; addr_file.html; antivir2.vdf; antivir3.vdf; avewin32.dll; avipbb.sys

18.11.2007 23:32:40 - Engine version local : 7.6.0.15

18.11.2007 23:32:40 - Engine version internet: 7.6.0.34

18.11.2007 23:32:40 - 0. VDF version local : 6.40.0.0

18.11.2007 23:32:40 - 0. VDF version internet: 6.40.0.0

18.11.2007 23:32:40 - 1. VDF version local : 7.0.0.0

18.11.2007 23:32:40 - 1. VDF version internet: 7.0.0.0

18.11.2007 23:32:40 - 2. VDF version local : 7.0.0.1

18.11.2007 23:32:40 - 2. VDF version internet: 7.0.0.198

18.11.2007 23:32:40 - 3. VDF version local : 7.0.0.2

18.11.2007 23:32:40 - 3. VDF version internet: 7.0.0.227

18.11.2007 23:32:40 - Required time: 00:07

18.11.2007 23:32:40 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

18.11.2007 23:32:40 - Update finished successfully

ntiVir PersonalEdition Classic
Report file date: dimanche 18 novembre 2007 23:36

Scanning for 933576 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: MYMY

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 22:32:36
ANTIVIR3.VDF : 7.0.0.227 112128 Bytes 18/11/2007 22:32:36
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 18/11/2007 22:32:36
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 18 novembre 2007 23:36

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.EXE' - '1' Module(s) have been scanned
Scan process 'BTWDINS.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'MediaServerService.exe' - '1' Module(s) have been scanned
Scan process 'EasyShare.exe' - '1' Module(s) have been scanned
Scan process 'Kodak Software Updater.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'WkCalRem.exe' - '1' Module(s) have been scanned
Scan process 'MSNMSGR.EXE' - '1' Module(s) have been scanned
Scan process 'P2PNET~1.EXE' - '1' Module(s) have been scanned
Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
Scan process 'Money Express.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'MJBDIT.EXE' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'TF1vision.exe' - '1' Module(s) have been scanned
Scan process 'QTTASK.EXE' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'E_FATIADE.EXE' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'MediaSync.exe' - '1' Module(s) have been scanned
Scan process 'AspireService.exe' - '1' Module(s) have been scanned
Scan process 'VTTrayp.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.EXE' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
63 processes with 63 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '64' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\guillaume\Local Settings\Temp\BIT41E.tmp
[0] Archive type: ZIP
--> install-privacy-danger.bat
[DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger
[INFO] The file was moved to '4794c1ff.qua'!
C:\Documents and Settings\guillaume\Local Settings\Temp\BIT3D.tmp
[0] Archive type: ZIP
--> install-privacy-danger.bat
[DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger
[INFO] The file was moved to '4794c20b.qua'!
C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\NPAQ2HR7\l3[1].htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/ADODB.Exploit.Gen
[INFO] The file was moved to '479bc32a.qua'!
C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\STUJ8XMN\lc10077[1].htm
[DETECTION] Contains code of the HTML/Malicious.ActiveX.Gen virus
[INFO] The file was moved to '4771c36e.qua'!
C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\21ORI9Y5\setup[1].htm
[DETECTION] Contains detection pattern of the HTML script virus HTML/ADODB.Exploit.Gen
[INFO] The file was moved to '47b4c39a.qua'!
C:\Documents and Settings\mylene\Bureau\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/ddkret.dll
[DETECTION] Is the Trojan horse TR/Inject.AN
[INFO] The file was moved to '47a3c509.qua'!
Begin scan in 'D:\' <ACERDATA>


End of the scan: lundi 19 novembre 2007 00:25
Used time: 49:50 min

The scan has been done completely.

6937 Scanning directories
392798 Files were scanned
3 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
0 files were deleted
0 files were repaired
6 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
392795 Files not concerned
9970 Archives were scanned
2 Warnings
31 Notes

On va vérifier quelque chose avant de continuer.

Télécharge Lop S&D (d’Eric71 & Angeldark)
Dézippe-le sur le bureau
Lance le fichier Scan.bat
Exécute l’option R .
Poste le rapport généré en fin d’analyse.
Le rapport se trouve aussi ici : C:\Lopr.txt

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , tape explorer et valide)

ça ne marche pas, ça me met un message d'erreur  

On va regarder avec un autre.
Désactive antivirus au cas où.

Télécharge LopResearch.zip

Dézippe-le sur ton Bureau.
Lance le fichier Scan.bat
Poste le rapport ici.

----------------------------[ LopResearch v3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : C:\Documents and Settings\mylene\Bureau\LopResearch v3.1

Rapport crée : Le 19/11/2007 à 20:04:54,73 PC : MYMY

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des Applications Data ]--------------------

C:\Documents and Settings\Default User\Application Data\Symantec
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft

C:\Documents and Settings\All Users\Application Data\addr_file.html
C:\Documents and Settings\All Users\Application Data\Avira
C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and Settings\All Users\Application Data\WLInstaller
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Protexis
C:\Documents and Settings\All Users\Application Data\Kodak
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
C:\Documents and Settings\All Users\Application Data\UDL
C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
C:\Documents and Settings\All Users\Application Data\QuickTime
C:\Documents and Settings\All Users\Application Data\eConsole
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\CyberLink
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\desktop.ini
C:\Documents and Settings\All Users\Application Data\Microsoft

C:\Documents and Settings\NetworkService\Application Data\Symantec
C:\Documents and Settings\NetworkService\Application Data\Microsoft

C:\Documents and Settings\LocalService\Application Data\Microsoft

C:\Documents and Settings\guillaume\Application Data\Sun
C:\Documents and Settings\guillaume\Application Data\Shareaza
C:\Documents and Settings\guillaume\Application Data\DivX
C:\Documents and Settings\guillaume\Application Data\LimeWire
C:\Documents and Settings\guillaume\Application Data\Azureus
C:\Documents and Settings\guillaume\Application Data\Real
C:\Documents and Settings\guillaume\Application Data\Google
C:\Documents and Settings\guillaume\Application Data\vlc
C:\Documents and Settings\guillaume\Application Data\PEX
C:\Documents and Settings\guillaume\Application Data\ispnews
C:\Documents and Settings\guillaume\Application Data\Ahead
C:\Documents and Settings\guillaume\Application Data\HbTools
C:\Documents and Settings\guillaume\Application Data\Media Player Classic
C:\Documents and Settings\guillaume\Application Data\eConf
C:\Documents and Settings\guillaume\Application Data\Roxio
C:\Documents and Settings\guillaume\Application Data\AdobeUM
C:\Documents and Settings\guillaume\Application Data\FotoWire
C:\Documents and Settings\guillaume\Application Data\Help
C:\Documents and Settings\guillaume\Application Data\Macromedia
C:\Documents and Settings\guillaume\Application Data\CyberLink
C:\Documents and Settings\guillaume\Application Data\Adobe
C:\Documents and Settings\guillaume\Application Data\Symantec
C:\Documents and Settings\guillaume\Application Data\Identities
C:\Documents and Settings\guillaume\Application Data\desktop.ini
C:\Documents and Settings\guillaume\Application Data\Microsoft

C:\Documents and Settings\mylene\Application Data\ArcSoft
C:\Documents and Settings\mylene\Application Data\pcouffin.log
C:\Documents and Settings\mylene\Application Data\pcouffin.cat
C:\Documents and Settings\mylene\Application Data\pcouffin.sys
C:\Documents and Settings\mylene\Application Data\pcouffin.inf
C:\Documents and Settings\mylene\Application Data\Vso
C:\Documents and Settings\mylene\Application Data\inst.exe
C:\Documents and Settings\mylene\Application Data\Samsung
C:\Documents and Settings\mylene\Application Data\Azureus
C:\Documents and Settings\mylene\Application Data\DivX
C:\Documents and Settings\mylene\Application Data\Ahead
C:\Documents and Settings\mylene\Application Data\LimeWire
C:\Documents and Settings\mylene\Application Data\Real
C:\Documents and Settings\mylene\Application Data\Google
C:\Documents and Settings\mylene\Application Data\vlc
C:\Documents and Settings\mylene\Application Data\ispnews
C:\Documents and Settings\mylene\Application Data\EPSON
C:\Documents and Settings\mylene\Application Data\dm.ini
C:\Documents and Settings\mylene\Application Data\AdobeDLM.log
C:\Documents and Settings\mylene\Application Data\ShopperReports
C:\Documents and Settings\mylene\Application Data\eConf
C:\Documents and Settings\mylene\Application Data\Roxio
C:\Documents and Settings\mylene\Application Data\DeepBurner
C:\Documents and Settings\mylene\Application Data\Sun
C:\Documents and Settings\mylene\Application Data\AdobeUM
C:\Documents and Settings\mylene\Application Data\Macromedia
C:\Documents and Settings\mylene\Application Data\Help
C:\Documents and Settings\mylene\Application Data\CyberLink
C:\Documents and Settings\mylene\Application Data\Adobe
C:\Documents and Settings\mylene\Application Data\OLYMPUS
C:\Documents and Settings\mylene\Application Data\Symantec
C:\Documents and Settings\mylene\Application Data\Identities
C:\Documents and Settings\mylene\Application Data\desktop.ini
C:\Documents and Settings\mylene\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\acer
C:\Program Files\Adobe
C:\Program Files\Adverts
C:\Program Files\Alwil Software
C:\Program Files\Astonsoft
C:\Program Files\Avira
C:\Program Files\AvRack
C:\Program Files\Azureus
C:\Program Files\BitComet
C:\Program Files\BitDownload
C:\Program Files\CCleaner
C:\Program Files\ComPlus Applications
C:\Program Files\CyberLink
C:\Program Files\DivX
C:\Program Files\DownloadManager
C:\Program Files\Eidos
C:\Program Files\eMule
C:\Program Files\eMule2
C:\Program Files\epson
C:\Program Files\Fichiers communs
C:\Program Files\Fizzual
C:\Program Files\fsupport
C:\Program Files\Google
C:\Program Files\iMesh Applications
C:\Program Files\Internet Explorer
C:\Program Files\Inventel
C:\Program Files\IOGEAR
C:\Program Files\ItBill
C:\Program Files\Java
C:\Program Files\Kodak
C:\Program Files\LGGSM
C:\Program Files\LimeWire
C:\Program Files\Living World Racing
C:\Program Files\Logiciel Photo Orange
C:\Program Files\Logitech
C:\Program Files\lphant
C:\Program Files\Masta
C:\Program Files\Maxis
C:\Program Files\MediaPipe
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Money
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Picture It! 2002
C:\Program Files\Microsoft SQL Server
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft Works Suite 2002
C:\Program Files\Microsoft.NET
C:\Program Files\Mindscape
C:\Program Files\Movie Maker
C:\Program Files\MovieLand Terms.html
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\Navilog1
C:\Program Files\Nero
C:\Program Files\NetMeeting
C:\Program Files\NewTech Infosystems
C:\Program Files\Norton AntiVirus
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\p2pnetworks
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Realtek Sound Manager
C:\Program Files\Samsung
C:\Program Files\Save
C:\Program Files\Securitoo
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\SodeaSoft
C:\Program Files\TF1Vision
C:\Program Files\VideoLAN
C:\Program Files\VirginMega
C:\Program Files\VistaCodecPack
C:\Program Files\VSO
C:\Program Files\Wanadoo
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\YesMessenger
C:\Program Files\ZNsoft Corporation

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\ArcSoft
C:\Program Files\Fichiers communs\Designer
C:\Program Files\Fichiers communs\FDEUnInstaller.exe
C:\Program Files\Fichiers communs\FotoWire
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Kodak
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\muvee Technologies
C:\Program Files\Fichiers communs\NewTech Infosystems
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Roxio Shared
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\SWF Studio
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\WhenU

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and Settings\guillaume\Application Data\hbtools
C:\Documents and Settings\mylene\Application Data\ShopperReports
C:\Program Files\Adverts
C:\Program Files\Bitdownload

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\system32\nvs2.inf

! EGDACCESS Possible !


--------------------[ Fin du rapport à 20:05:14,06 ]----------------------

C'est qu'on en découvre des choses, dis-donc, bien infecté  

Télécharge AVG Anti-Spyware Installes-le.
Lance AVG et fais une mise à jour.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglet comment réagir, clique sur Actions recommandées. Choisis Quarantaine.
Ne fais pas d’analyse pour le moment.
Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\
Relance Avg.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
Poste le ici.
&
Toujours en mode sans échec, relance clean et fais l'option 2, poste le rapport.

++++++++

Démarrer>exécuter>cmd>ok
Tape ceci puis valide par entrée


+++++++++++

Télécharge Navilog (de Il-Mafioso)

Enregistre-le sur ton Bureau.
Installe-le en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2,3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

Le rapport se trouve ici :C:\fixnavi.txt

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 22:24:55 19/11/2007

+ Résultat de l'analyse:



C:\WINDOWS\Downloaded Program Files\installer2.dll -> Adware.ClickMedia : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1570106061-833509052-641237796-1007\Software\ShopperReports -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1570106061-833509052-641237796-1007\Software\ShopperReports\ShopperReports -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1570106061-833509052-641237796-1007\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\AlConfig.xml -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\alp2plib.log -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\alp2plib.log.bak -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\install.log -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\mpp2pl.exe -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\p2pnetworks.exe -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\sp2p.cache -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\p2pnetworks\uninst.exe -> Adware.MediaPipe : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\guillaume\Cookies\guillaume@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@247realmedia[3].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sevenloadgmbh.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sevenoneintermedia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@maxim.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adserver.71i[1].txt -> TrackingCookie.71i : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@3.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.addynamix[3].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adtech[3].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@advertising[5].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@atdmt[3].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@atdmt[4].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bluestreak[4].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bluestreak[5].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@iv2.bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.burstnet[3].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz11.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz2.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cz9.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@vip2.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@cz11.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fl01.ct2.comclick[3].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fl01.ct2.comclick[5].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@doubleclick[4].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@estat[3].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@a.as-us.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@as-us.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@media.fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@media.fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@banner.grandonline[2].txt -> TrackingCookie.Grandonline : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@grandonline[1].txt -> TrackingCookie.Grandonline : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ehg-digg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ehg-ogilvy.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ehg-playboy.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ehg-viacom.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter.hitslink[1].txt -> TrackingCookie.Hitslink : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@stat.onestat[1].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@paycounter[2].txt -> TrackingCookie.Paycounter : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@edge.ru4[1].txt -> TrackingCookie.Ru4 : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@bs.serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@serving-sys[5].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@cs.sexcounter[3].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sexlist[3].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@sexlist[3].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter1.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter1.sextracker[4].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter12.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter14.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter16.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter2.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter4.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter5.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter7.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sextracker[4].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@sextracker[5].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter1.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter12.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter14.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter2.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter4.sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter5.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter8.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter9.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@counter9.sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@spylog[1].txt -> TrackingCookie.Spylog : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@statcounter[3].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@statcounter[4].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@statcounter[5].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@weborama[5].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@count.xhit[1].txt -> TrackingCookie.Xhit : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\guillaume\Cookies\guillaume@zedo[3].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\guillaume\Local Settings\Temp\Cookies\guillaume@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\mylene\Cookies\mylene@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 19/11/2007 a 22:38:30,04

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:
tentative de suppression de C:\StubInstaller.exe

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\check.exe
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
tentative de suppression de "C:\Documents and Settings\mylene\Application Data\ShopperReports\"

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\WhenU\"
tentative de suppression de "C:\Program Files\Adverts\"
tentative de suppression de "C:\Program Files\BitDownload"
tentative de suppression de "C:\Program Files\Masta\"
tentative de suppression de "C:\Program Files\MediaPipe\"
tentative de suppression de "C:\Program Files\Save\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Search Navipromo version 3.3.6 commencé le 19/11/2007 à 22:49:41,59

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180


*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\mylene\Application Data ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

!! Fichier(s)/processus caché(s) différent(s) !!
!! Résultat Catchme non pris en compte par Navilog1 !!


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans C:\DOCUME~1\MYLENE\LOCALS~1\APPLIC~1 *



*** Recherche fichiers ***


C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche Heuristique :

C:\WINDOWS\system32\axhbcwohp.dat trouvé !


3)Recherche Certificats :

Certificat Egroup trouvé !


*** Analyse terminée le 19/11/2007 à 22:50:20,34 ***

Re,

Double clique sur le raccourci de navilog1.
Option 2 puis valide. (entrée)
Laisse toi guider.
Ton ordinateur va redémarrer, sinon fais le manuellement.

Ton bureau va disparaître.

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
Sauvegarde le rapport.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tapes explorer et valides. Cela te fera apparaitre ton bureau

Démarrer -> panneau de configuration -> options internet
Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

electronic-group ; egroup ; Montorgueil ; VIP ; "Sunny Day Design Ltd"

~~> Supprime-les tous <~~

Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.

Clean Navipromo version 3.3.6 commencé le 19/11/2007 à 22:57:47,40

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180

Mode suppression automatique



*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *


* Suppression dans C:\DOCUME~1\MYLENE\LOCALS~1\APPLIC~1 *



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\mylene\Application Data ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1 ***



*** Suppression fichiers ***

C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\mylene\Local Settings\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche, création sauvegardes et suppression Heuristique :

C:\WINDOWS\System32\axhbcwohp.dat trouvé !
Copie C:\WINDOWS\system32\axhbcwohp.dat réalisé avec succès !
C:\WINDOWS\system32\axhbcwohp.dat supprimé !

C:\WINDOWS\System32\axhbcwohp_nav.dat trouvé !
Copie C:\WINDOWS\system32\axhbcwohp_nav.dat réalisé avec succès !
C:\WINDOWS\system32\axhbcwohp_nav.dat supprimé !

C:\WINDOWS\System32\axhbcwohp_navps.dat trouvé !
Copie C:\WINDOWS\system32\axhbcwohp_navps.dat réalisé avec succès !
C:\WINDOWS\system32\axhbcwohp_navps.dat supprimé !

C:\WINDOWS\system32\axhbcwohp.exe trouvé !
Copie C:\WINDOWS\system32\axhbcwohp.exe réalisé avec succès !
C:\WINDOWS\system32\axhbcwohp.exe supprimé !


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisé avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !

*** Nettoyage terminé le 19/11/2007 à 23:01:07,76 ***

Logfile of HijackThis v1.99.1
Scan saved at 23:07:13, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX00.282\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {1658DABA-FC4C-46C6-BC48-246CFEA0C436} - C:\WINDOWS\oprevgkx.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: bw+0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Re,

Relance HiJackThis, do a system scan only, coche ces lignes :

Puis Fix Checked !

++++++++

Supprime C:\Program Files\ItBill

+++++++++++

Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.

Puis reposte un Hijackthis.

<html>
<head>
<title>KASPERSKY ONLINE SCANNER REPORT</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>
</head>

<style>
.pagetitle { font-size:20px; color:#FFFFFF; font-family: Arial, Geneva, sans-serif; }
.text { font-size:11px; font-family: Arial, Geneva, sans-serif; }
TD { font-size:11px; font-family: Arial, Geneva, sans-serif; }
</style>

<body>
<table width='100%' height='110' border='0'>
<tr height='30' align='center' bgcolor='#005447'>
<td colspan='2' height='30' class='pagetitle'>
<b>KASPERSKY ONLINE SCANNER REPORT</b>
</td>
</tr>
<tr height='70'>
<td colspan='2' height='70'>
Tuesday, November 20, 2007 12:07:54 PM<br>
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)<br>
Kaspersky Online Scanner version: 5.0.98.0<br>
Kaspersky Anti-Virus database last update: 20/11/2007<br>
Kaspersky Anti-Virus database records: 433312<br>
</td>
</tr>
<tr height='10'>
<td colspan='2' height='10'>
</td>
</tr>
</table>
<table width='100%' height='145' border='0'>
<tr height='20' bgcolor='#EFEBDE'>
<td colspan='2' height='20'><b>Scan Settings</b></td>
</tr>
<tr height='15'>
<td height='15' width='250'>Scan using the following antivirus database</td>
<td>standard</td>
</tr>
<tr height='15'>
<td height='15'>Scan Archives</td>
<td>true</td>
</tr>
<tr height='15'>
<td height='15'>Scan Mail Bases</td>
<td>true</td>
</tr>
<tr height='10'>
<td colspan='2' height='10'>
</td>
</tr>
<tr height='20' bgcolor='#EFEBDE'>
<td height='20'><b>Scan Target</b></td>
<td>Folders</td>
</tr>
<tr height='20'>
<td colspan='2' height='20'>
C:\<br>
D:\<br>
E:\<br>
F:\<br>
G:\<br>
H:\<br>
I:\<br>
J:\
</td>
</tr>
<tr height='10'>
<td colspan='2' height='10'>
</td>
</tr>
<tr height='20' bgcolor='#EFEBDE'>
<td colspan='2' height='20'><b>Scan Statistics</b></td>
</tr>
<tr height='15'>
<td height='15'>Total number of scanned objects</td>
<td>116761</td>
</tr>
<tr height='15'>
<td height='15'>Number of viruses found</td>
<td>1</td>
</tr>
<tr height='15'>
<td height='15'>Number of infected objects</td>
<td>2</td>
</tr>
<tr height='15'>
<td height='15'>Number of suspicious objects</td>
<td>0</td>
</tr>
<tr height='15'>
<td height='15'>Duration of the scan process</td>
<td>01:26:04</td>
</tr>
</table>
<br>
<table width='100%' border='0'>
<tr height='20' bgcolor='#EFEBDE'>
<td height='20'><b>Infected Object Name</b></td>
<td width='200'><b>Virus Name</b></td>
<td width='100'><b>Last Action</b></td>
</tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\system.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\software.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\default.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SECURITY </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SAM </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SAM.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SECURITY.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SYSTEM </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SOFTWARE </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\DEFAULT </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SysEvent.Evt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\AppEvent.Evt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\config\SecEvent.Evt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\CatRoot2\edb.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\CatRoot2\tmp.edb </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\h323log.txt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\Temp\JET7CB.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\Debug\PASSWD.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\Sti_Trace.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\wiaservc.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\wiadebug.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\WindowsUpdate.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\SchedLgU.Txt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\WINDOWS\SoftwareDistribution\ReportingEvents.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\NetworkService\NTUSER.DAT </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\NetworkService\ntuser.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\NTUSER.DAT </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\Cookies\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\LocalService\ntuser.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\21ORI9Y5\count[1].php/packed </td>
<td>Infected: Exploit.HTML.Agent.x </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\21ORI9Y5\count[1].php </td>
<td>GZIP: infected - 1 </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\NTUSER.DAT </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\ntuser.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\JET1BB1.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\JETA4F5.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\~DF9A10.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\~DF9A22.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\~DFAD25.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temp\~DFAD53.tmp </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Historique\History.IE5\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Historique\History.IE5\MSHist012007112020071121\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Temporary Internet Files\Content.IE5\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Application Data\Microsoft\Windows Live Contacts\xiii33@hotmail.fr\real\members.stg </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Local Settings\Application Data\Microsoft\Windows Live Contacts\xiii33@hotmail.fr\shadow\members.stg </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Documents and Settings\mylene\Cookies\index.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\acer\Acer eConsole\AcerDB.mdb </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\acer\Acer eConsole\AcerDB.ldb </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\chandir.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\inuse.txt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\D0000000.FCS </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\main.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\chn.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\storydb.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\storydb.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\chn.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\chandir.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\BWInfopakMap.pht </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_die.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_die.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_dnd.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_dnd.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_ext.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_ext.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_rcv.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs_rcv.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\prs.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\BWDocMap.pht </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Logitech\Desktop Messenger\8876480\Users\mylene\Data\L0000089.FCS </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000003.FCS </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td height='20'>C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat </td>
<td>Object is locked </td>
<td>skipped </td>
</tr>
<tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr>
<tr height='20'>
<td colspan='3' height='20'><b>Scan process completed.</b></td>
</tr>
</table>
</body>
</html>

Logfile of HijackThis v1.99.1
Scan saved at 12:12:39, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX00.218\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Tu as oublié de cocher les lignes 23.

Sélectionne l'encadré ci dessous, clique droit >copier


del "C:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\21ORI9Y5\count[1].php"

Démarrer>exécuter>tape CMd, valide par ok.
Dans la fenêtre noire, clique droit >coller.
Valide par entrée.

Toujours des problèmes ?

pourtant je pensais les avoir cochés  

non plus de souçis  

c'est bon, c'est fini ?

mon pc est propre ?

Oui.

Désinstalle, supprime tous les logiciels utilisés pour la désinfection ainsi que les dossiers créés correspondants.. Garde ccleaner, avg et antivir si nous les avons installé..
Rapporte ton infection sur Malware Complaints
Tuto
Ton infection :Smitfraud, Egdaccess/Magic.control/Navipromo

Salut

ok
et comment j'ai chopé ça ?
ça risque se reproduire ?

merci encore !!!!

En navigant n'importe comment, téléchargeant n'importe quoi  

A plus  

Fait gaffe georgie33 ! ça peut etre très dangereux d'éditer des rapports en ligne de la sorte !ce sont en fait des infos propres à ton pc...

installe plutot le meilleur Anti-Spyware du marché : http://www.commentcamarche.net/telecharger/telecharger-...

georgie33 a dit :

Logfile of HijackThis v1.99.1
Scan saved at 12:12:39, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX00.218\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Fixe ces lignes d'ailleurs au cas où ce n'est toujours pas fait :

O3 - Toolbar: The bonsws - {3FDA21ED-312C-44DD-9030-A2DC90FD1CCD} - C:\WINDOWS\bonsws.dll (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

comment ça ?

Tu les coches et Fix Checked comme on a déjà fait  

ben je l'ai fait mais ils sont toujours là

Reposte un Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 23:01:01, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX06.140\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

La 03 est partie.
essaie de fixer ces deux là en mode sans échec , (les 2 23)

Logfile of HijackThis v1.99.1
Scan saved at 23:16:18, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX05.672\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Menu Démarrer \ Exécuter , tape Services.msc et valide
Cherche ce service : Kodak Camera Connection Software et Norton AntiVirus Auto-Protect
Double clique dessus
Type de démarrage : Désactivé
Statut du service : Arrêter
puis Appliquer

Relance Hijackthis , clique sur Open the Misc Tools Section
choisis Delete an NT Service
Tape Nom du service à killer et valide


Et refixe ces lignes .. Tu fais bien les manips normale comme avant ? (cocher >fix checked)

Logfile of HijackThis v1.99.1
Scan saved at 21:09:41, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX15.406\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)

Oui je fais bien comme tu m'as dit !  

Par contre je n'ai pas trouvé celui là dans ce que tu viens de me demander de faire.
Norton AntiVirus Auto-Protect

Bien.

Fais ceci : http://service1.symantec.com/SUPPORT/INTER/tsgeninfoint...

Et reposte un dernier Hijackthis (ça devrait être bon)

Logfile of HijackThis v1.99.1
Scan saved at 09:32:09, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\IOGEAR\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTADE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\mylene\LOCALS~1\Temp\Rar$EX02.906\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://u233.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://u233.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {25B8C9FD-9319-4609-96EF-AF31C8CE4C8A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

ça y'est il y est plus !!!!

merci beaucoup