fabou4

bonjour pear j'ai desinstallé avg et norton (pour ce dernier, j'ai utilisé le desinstalleur de symantec) et j'ai mis antivir ! voici les rapports : -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Thursday, November 13, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Wednesday, November 12, 2008 22:06:26 Records in database: 1382060 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ Scan statistics: Files scanned: 49382 Threat name: 2 Infected objects: 3 Suspicious objects: 0 Duration of the scan: 01:40:01 File name / Threat name / Threats count C:\Program Files\Internet Explorer\msimg32.dll.sps Infected: not-a-virus:AdTool.Win32.MyWebSearch.au 1 C:\Program Files\Internet Explorer\msimg32.dll.xpx Infected: not-a-virus:AdTool.Win32.MyWebSearch.au 1 C:\WINDOWS\system32\f3PSSavr.scr.xpx Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1 The selected area was scanned. ******************************************************************************** ******** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:47:31, on 13/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Lexmark 3400 Series\lxcymon.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe C:\WINDOWS\system32\lxcycoms.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Judith\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe" O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1157659411640 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 10180 bytes bon, je suppose qu'il faut s'occuper du "mywebsearch" maintenant ? cordialement; nb : depuis la manip hijacktchis, j'ai un probleme avec 2 ports USB (probleme de crête d'alimentation quand je branche ma cle usb) : est-ce lié ou est un pb matériel qui survient ? (j'ai testé la clé sur mon fixe : elle marche sans pb)

re-bonsoir voici le rapport navilog AVANT Search Navipromo version 3.6.9 commencé le 11/11/2008 à 20:11:07,42 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Judith" Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Judith\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\LOGMEI~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Judith\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Judith\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\LOGMEI~1\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Judith\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\Judith\locals~1\applic~1" : guggqki.exe.xpx trouvé ! guggqki.dat trouvé ! guggqki_nav.dat trouvé ! guggqki_navps.dat trouvé ! kcmem.exe.xpx trouvé ! kcmem.dat trouvé ! kcmem_nav.dat trouvé ! kcmem_navps.dat trouvé ! * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : * Dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 11/11/2008 à 20:15:33,09 *** et le rapport APRES Clean Navipromo version 3.6.9 commencé le 11/11/2008 à 20:21:53,29 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Judith" Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Judith\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Judith\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\LOGMEI~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Judith\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Judith\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\LOGMEI~1\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Judith\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\Judith\locals~1\applic~1" * guggqki.exe.xpx trouvé ! Copie guggqki.exe.xpx réalisée avec succès ! guggqki.exe.xpx supprimé ! guggqki.dat trouvé ! Copie guggqki.dat réalisée avec succès ! guggqki.dat supprimé ! guggqki_nav.dat trouvé ! Copie guggqki_nav.dat réalisée avec succès ! guggqki_nav.dat supprimé ! guggqki_navps.dat trouvé ! Copie guggqki_navps.dat réalisée avec succès ! guggqki_navps.dat supprimé ! kcmem.exe.xpx trouvé ! Copie kcmem.exe.xpx réalisée avec succès ! kcmem.exe.xpx supprimé ! kcmem.dat trouvé ! Copie kcmem.dat réalisée avec succès ! kcmem.dat supprimé ! kcmem_nav.dat trouvé ! Copie kcmem_nav.dat réalisée avec succès ! kcmem_nav.dat supprimé ! kcmem_navps.dat trouvé ! Copie kcmem_navps.dat réalisée avec succès ! kcmem_navps.dat supprimé ! * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Dans "C:\DOCUME~1\LOGMEI~1\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 11/11/2008 à 20:26:23,54 *** voilà ! ça a l'air ok, non ? bonne soirée !

bonjour PEAR ! merci de ton aide !!! voici le rapport après desinfection -----------\\ ToolBar S&D 1.2.4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz ) BIOS : Ver 1.00PARTTBL USER : Judith ( Administrator ) BOOT : Normal boot Antivirus : AVG 7.5.549 7.5.549 (Activated) C:\ (Local Disk) - NTFS - Total:30 Go (Free:6 Go) D:\ (CD or DVD) E:\ (Local Disk) - FAT32 - Total:25 Go (Free:25 Go) F:\ (USB) - FAT - Total:118 Mo (Free:0 Go) "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 ) Option : [2] ( 11/11/2008|14:59 ) -----------\\ SUPPRESSION Supprime! - C:\DOCUME~1\Judith\APPLIC~1\FunWebProducts\Data Supprime! - C:\Program Files\FunWebProducts\ScreenSaver Supprime! - C:\Program Files\FunWebProducts\Shared Supprime! - C:\Program Files\MyWebSearch\bar Supprime! - C:\Program Files\MyWebSearch\SrchAstt Supprime! - C:\DOCUME~1\Judith\Cookies\judith@mywebsearch[2].txt.sps Supprime! - C:\DOCUME~1\Judith\Cookies\judith@mywebsearch[2].txt.xpx Supprime! - C:\DOCUME~1\Judith\APPLIC~1\FunWebProducts Supprime! - C:\Program Files\FunWebProducts Supprime! - C:\Program Files\MyWebSearch -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Judith) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Search Page"="http://www.google.com" "Default_Page_URL"="http://fr.msn.com/"'>http://fr.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://fr.msn.com/" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections C:\WINDOWS\System32\nvs2.inf C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\guggqki.dat C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\guggqki.exe.xpx C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\guggqki_nav.dat C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\guggqki_navps.dat C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\kcmem.dat C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\kcmem.exe.xpx C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\kcmem_nav.dat C:\DOCUME~1\Judith\LOCALS~1\APPLIC~1\kcmem_navps.dat ==> EGDACCESS <== --------------------\\ ROGUES .. C:\DOCUME~1\Judith\MENUDM~1\PROGRA~1\Spyware-Secure C:\PROGRA~1\Spyware-Secure 1 - "C:\ToolBar SD\TB_1.txt" - 11/11/2008|15:01 - Option : [2] -----------\\ Fin du rapport a 15:01:30,31 voici le rapport hijack demandé : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:07:41, on 11/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\hphmon05.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Lexmark 3400 Series\lxcymon.exe C:\Program Files\Lexmark 3400 Series\ezprint.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\lxcycoms.exe C:\WINDOWS\System32\svchost.exe F:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe" O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1157659411640 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 12032 bytes Encore merci !

merci falkra j'essaie ça ce mercredi à bientôt.

bonjour ma collègue m'a confié son PC car il ne démarrait plus, après une intervention de AVG ... En fait AVG avait effacé user32.dll qui était vérollé. Je l'ai réinstallé par la console de récup. le PC redemarre. pour être rassuré, j'ai fait un scan online avec PANDA : et là, aie aie aie ! il y a plusieurs cochonneries : ;******************************************************************************* ********************************************************************************* ******************* ANALYSIS: 2008-11-11 11:34:55 PROTECTIONS: 1 MALWARE: 17 SUSPECTS: 2 ;******************************************************************************* ********************************************************************************* ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================= =================== AVG 7.5.549 7.5.549 Yes Yes ;=============================================================================== ================================================================================= =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================= =================== 00029426 adware/sbsoft Adware No 0 Yes No HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@atdmt[2].txt.sps 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@tradedoubler[1].txt 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@tradedoubler[1].txt.sps 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@247realmedia[2].txt.sps 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@fastclick[1].txt.sps 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@tribalfusion[1].txt.sps 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@mediaplex[2].txt.sps 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@xiti[1].txt.sps 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@xiti[1].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@overture[1].txt.sps 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@adviva[1].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@smartadserver[1].txt.sps 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Judith\Cookies\judith@smartadserver[2].txt 02854181 Application/MyWebSearch HackTools No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.xpx 02854181 Application/MyWebSearch HackTools No 0 Yes No C:\WINDOWS\system32\f3PSSavr.scr.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\Internet Explorer\msimg32.dll.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Documents and Settings\Judith\Local Settings\Application Data\kcmem.exe.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Documents and Settings\Judith\Local Settings\Application Data\guggqki.exe.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.xpx 03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.xpx 03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\Spyware-Secure\Spyware-Secure_repaironce.exe 03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Documents and Settings\Judith\Bureau\Eli\InstallCasinoV2.exe 03310023 Trj/Trymedia.gen Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{9F832052-6B2F-48A7-A726-8F88081A1155}\RP250\A0123863.exe 03431697 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{9F832052-6B2F-48A7-A726-8F88081A1155}\RP204\A0112258.exe 03431697 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Judith\Mes documents\SpywareSecure_trial_setup.exe[spyware-Secure_trial.exe] 03431697 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe ;=============================================================================== ================================================================================= =================== SUSPECTS Sent Location ;=============================================================================== ================================================================================= =================== No C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE No C:\Program Files\Spyware-Secure\Spyware-Secure.exe ;=============================================================================== ================================================================================= =================== VULNERABILITIES Id Severity Description ;=============================================================================== ================================================================================= =================== ;=============================================================================== ================================================================================= =================== et voici le log hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:09:57, on 11/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\hphmon05.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Lexmark 3400 Series\lxcymon.exe C:\Program Files\Lexmark 3400 Series\ezprint.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\lxcycoms.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe F:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file) O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe" O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm247YYFR O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1157659411640 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 13045 bytes si quelqu'un voulait bien m'aider car là, il y en a trop pour moi. cordialement;

bonjour falkra désolé pour la réponse bien tardive ! comme tu me l'as demandé, voici le rapport toolbar : -----------\\ ToolBar S&D 1.2.4 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 1 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 1.90GHz ) BIOS : 686O1 v1.07 USER : proprietaire ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go) D:\ (CD or DVD) E:\ (USB) - FAT32 - Total:993 Mo (Free:0 Go) "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 ) Option : [1] ( 10/11/2008|10:31 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\System32\\blank.htm" "Start Page"="http://www.lo.st" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - 10/11/2008|10:32 - Option : [1] -----------\\ Fin du rapport a 10:32:03,26 merci de ton aide !!!!!!!

bonjour à tous j'ai acheté un pc d'occasion avec (comme cadeau !) ... un détournement automatique de page d'accueil IE. ça a l'air assez classique : tous les quarts d'heure, la page par défaut se remet à www.lo.st voici mon scan hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:48:03, on 03/11/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\EoRezo\EoEngine.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe E:\HiJackThis.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- End of file - 3255 bytes Je voulais essayer de me débrouiller tout seul : dois-je fixer les lignes que j'ai mises en gras, ci dessus ? Mais bon, je préfère vous demander conseil... (comme écrit, le mal pourrait être pire que le remède) cordialement; nb : un GRAND merci aux personnes de ce forum qui aident les autres (pas que moi)

bonsoir, je voudrai tout d'abord te remercier pour autant de rapidité, d'efficacité et de disponibilité, c'est à peine croyable en moins de temps qu'il ne faut pour le dire, j'avais une réponse. en fait, je n'y connais rien en ordi et c un ami qui m'a donné les coordonnées de ce site et je ne suis pas déçue. bon alors j'ai suivi les instructions et j'ai rencontré quelques problèmes : - je n'ai pas pu désinstaller bitdéfendeur, car l'ordi commence et puis me dit que je dois fermer netropa hot key, et .... je sais pas ce que c'est. - je n'ai pas trouvé hotbar - je n'ai pas trouvé my web search - je n'ai trouvé que msn plus 3 et pas le 4 - j'ai trouvé par contre des googlebar quelque chose comme ça - et j'ai laissé windows live messenger installé voilà mon rapport et maintenant je t'adresse le rapport de ce rapport merci bcp pour ton aide Logfile of HijackThis v1.99.1 Scan saved at 19:41:27, on 12/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\System32\Drivers\WTSRV.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\system32\WService.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe C:\WINDOWS\system32\hpoipm07.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe C:\Program Files\Microsoft Money\System\urlmap.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\mr bouazziz\Mes documents\ANTI VIRUS\faby.exe.exe C:\Documents and Settings\mr bouazziz\Mes documents\ANTI VIRUS\faby.exe.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.packardbell.fr/center R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {D561B009-73D3-EC01-06A4-B7F062B6A59D} - C:\DOCUME~1\MRBOUA~1\APPLIC~1\EXITSO~1\phonebase.exe (file missing) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [WService] WService.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8471f45254774e3d9467033014110dd3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8471f45254774e3d9467033014110dd3 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: bw+0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) merci encore bonsoir, je voudrai tout d'abord te remercier pour autant de rapidité, d'efficacité et de disponibilité, c'est à peine croyable en moins de temps qu'il ne faut pour le dire, j'avais une réponse. en fait, je n'y connais rien en ordi et c un ami qui m'a donné les coordonnées de ce site et je ne suis pas déçue. bon alors j'ai suivi les instructions et j'ai rencontré quelques problèmes : - je n'ai pas pu désinstaller bitdéfendeur, car l'ordi commence et puis me dit que je dois fermer netropa hot key, et .... je sais pas ce que c'est. - je n'ai pas trouvé hotbar - je n'ai pas trouvé my web search - je n'ai trouvé que msn plus 3 et pas le 4 - j'ai trouvé par contre des googlebar quelque chose comme ça - et j'ai laissé windows live messenger installé voilà mon rapport et maintenant je t'adresse le rapport de ce rapport merci bcp pour ton aide Logfile of HijackThis v1.99.1 Scan saved at 19:41:27, on 12/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\System32\Drivers\WTSRV.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\system32\WService.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe C:\WINDOWS\system32\hpoipm07.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe C:\Program Files\Microsoft Money\System\urlmap.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\mr bouazziz\Mes documents\ANTI VIRUS\faby.exe.exe C:\Documents and Settings\mr bouazziz\Mes documents\ANTI VIRUS\faby.exe.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.packardbell.fr/center R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {D561B009-73D3-EC01-06A4-B7F062B6A59D} - C:\DOCUME~1\MRBOUA~1\APPLIC~1\EXITSO~1\phonebase.exe (file missing) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [WService] WService.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8471f45254774e3d9467033014110dd3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8471f45254774e3d9467033014110dd3 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: bw+0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) merci encore

J'ai oublié de poster le rapport de PANDA (enfin les rapports mesdocuments, postedetravail et disqueslocaux) Incident Statut Analyse Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@2o7[2].txt Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@ad.yieldmanager[2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@adtech[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@advertising[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@as-eu.falkag[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@bluestreak[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@doubleclick[1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@fe.lea.lycos[1].txt Spyware:Cookie/Lop No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@images.lop[1].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@mediaplex[1].txt Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@offeroptimizer[1].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@stats1.reliablestats[2].txt Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@statse.webtrendslive[1].txt Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@systemdoctor[2].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@tradedoubler[2].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@weborama[1].txt Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@winfixer[2].txt Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@z1.adserver[1].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.ads.pointroll.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.adtech.de/] Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.overture.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.xiti.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@247realmedia[2].txt Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@2o7[2].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@ads.pointroll[1].txt Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@adserver.filefront[2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@adtech[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@as-eu.falkag[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@as1.falkag[1].txt Spyware:Cookie/Bilbo.counted No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bilbo.counted[2].txt Spyware:Cookie/bravenetA No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bravenet[2].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bs.serving-sys[2].txt Spyware:Cookie/Casinotropez No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@casinotropez[1].txt Spyware:Cookie/Cgi-bin No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@cgi-bin[1].txt Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@com[1].txt Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@cs.sexcounter[2].txt Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fastclick[2].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fe.lea.lycos[1].txt Spyware:Cookie/Findwhat No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@findwhat[1].txt Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fl01.ct2.comclick[2].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@overture[1].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@perf.overture[1].txt Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@questionmarket[2].txt Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@revenue[2].txt Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@searchportal.information[1].txt Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@server.iad.liveperson[2].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@serving-sys[1].txt Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@smartadserver[1].txt Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@toplist[1].txt Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@tribalfusion[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@weborama[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@xiti[1].txt Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ad.yieldmanager[1].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ads.pointroll[1].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@adultfriendfinder[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@advertising[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@atdmt[2].txt Spyware:Cookie/Lop No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ayb.lop[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@bluestreak[2].txt Spyware:Cookie/Casalemedia No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@casalemedia[1].txt Spyware:Cookie/Clubdicecasino No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@clubdicecasino[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@doubleclick[2].txt Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ehg-ads.hitbox[2].txt Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@hitbox[2].txt Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@offeroptimizer[1].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@overture[2].txt Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@revenue[1].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@servedby.advertising[1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@serving-sys[1].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@stats1.reliablestats[1].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@tradedoubler[2].txt Spyware:Cookie/Valueclick No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@valueclick[2].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@weborama[2].txt Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@winfixer[2].txt Spyware:Cookie/Advnt No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@www.advnt01[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@xiti[1].txt Adware:Adware/KoolBar No Désinfecté C:\Documents and Settings\mr bouazziz\Mes documents\Logiciels\SMILEYS EDEN.exe[shopperReports.exe] Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MSN Messenger\riched20.dll Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL Adware:adware/gator No Désinfecté C:\WINDOWS\GatorFDDLI.log Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/MyWebSearch No Désinfecté C:\WINDOWS\system32\f3PSSavr.scr Incident Statut Analyse Adware:Adware/KoolBar No Désinfecté C:\Documents and Settings\mr bouazziz\Mes documents\Logiciels\SMILEYS EDEN.exe[shopperReports.exe] Incident Statut Analyse Outil indésirable:Application/MyWebSearch No Désinfecté c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe Outil indésirable:Application/MyWebSearch No Désinfecté C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoestb.dll Outil indésirable:application/mywebsearch No Désinfecté c:\windows\system32\f3PSSavr.scr Adware:adware/gator No Désinfecté c:\windows\GatorFDDLI.log Adware:adware/windowenhancer No Désinfecté c:\windows\system32\SBUtils Outil indésirable:application/regclean32 No Désinfecté c:\program files\Registry Cleaner Trial Outil indésirable:application/funweb No Désinfecté hkey_classes_root\clsid\{00A6FAF6-072E-44cf-8957-5838F569A31D} Adware:adware/wupd No Désinfecté Registre Windows Dialer:dialer.dk No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91433D86-9F27-402C-B5E3-DEBDD122C339} Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@2o7[2].txt Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@ad.yieldmanager[2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@adtech[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@advertising[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@as-eu.falkag[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@bluestreak[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@doubleclick[1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@fe.lea.lycos[1].txt Spyware:Cookie/Lop No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@images.lop[1].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@mediaplex[1].txt Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@offeroptimizer[1].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@stats1.reliablestats[2].txt Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@statse.webtrendslive[1].txt Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@systemdoctor[2].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@tradedoubler[2].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@weborama[1].txt Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@winfixer[2].txt Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\enfants\Cookies\enfants@z1.adserver[1].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.ads.pointroll.com/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.adtech.de/] Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.overture.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Application Data\Mozilla\Firefox\Profiles\z463n0dv.default\cookies.txt[.xiti.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@247realmedia[2].txt Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@2o7[2].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@ads.pointroll[1].txt Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@adserver.filefront[2].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@adtech[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@as-eu.falkag[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@as1.falkag[1].txt Spyware:Cookie/Bilbo.counted No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bilbo.counted[2].txt Spyware:Cookie/bravenetA No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bravenet[2].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@bs.serving-sys[2].txt Spyware:Cookie/Casinotropez No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@casinotropez[1].txt Spyware:Cookie/Cgi-bin No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@cgi-bin[1].txt Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@com[1].txt Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@cs.sexcounter[2].txt Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fastclick[2].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fe.lea.lycos[1].txt Spyware:Cookie/Findwhat No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@findwhat[1].txt Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@fl01.ct2.comclick[2].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@overture[1].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@perf.overture[1].txt Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@questionmarket[2].txt Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@revenue[2].txt Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@searchportal.information[1].txt Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@server.iad.liveperson[2].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@serving-sys[1].txt Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@smartadserver[1].txt Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@toplist[1].txt Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@tribalfusion[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@weborama[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Cookies\mr bouazziz@xiti[1].txt Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ad.yieldmanager[1].txt Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ads.pointroll[1].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@adultfriendfinder[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@advertising[2].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@atdmt[2].txt Spyware:Cookie/Lop No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ayb.lop[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@bluestreak[2].txt Spyware:Cookie/Casalemedia No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@casalemedia[1].txt Spyware:Cookie/Clubdicecasino No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@clubdicecasino[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@doubleclick[2].txt Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@ehg-ads.hitbox[2].txt Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@hitbox[2].txt Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@offeroptimizer[1].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@overture[2].txt Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@revenue[1].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@servedby.advertising[1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@serving-sys[1].txt Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@stats1.reliablestats[1].txt Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@tradedoubler[2].txt Spyware:Cookie/Valueclick No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@valueclick[2].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@weborama[2].txt Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@winfixer[2].txt Spyware:Cookie/Advnt No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@www.advnt01[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mr bouazziz\Local Settings\Temp\Cookies\mr bouazziz@xiti[1].txt Adware:Adware/KoolBar No Désinfecté C:\Documents and Settings\mr bouazziz\Mes documents\Logiciels\SMILEYS EDEN.exe[shopperReports.exe] Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MSN Messenger\riched20.dll Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE Outil indésirable:Application/MyWebSearch No Désinfecté C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] MERCI ENCORE POUR LE TEMPS QUE PRENDRA LE DECHIFFRAGE DE TOUT CELA !!!!!!!!!

bonsoir après avoir scanner mon PC avec plusieurs antivirus (BITdefender, avg, panda), je m'en remets à vous car TROP de choses ont été trouvées. Par ailleurs, mes enfants qui utilisent le logiciel emule auront surement été pour quelques chose dans tout ça ! mais, bien qu'ils l'utilisent, c'est aussi mon ordinateur de travail et maintenant il souffre de lenteur+blocage du graveur (entre autres chose) alors merci à une bonne âme de bien vouloir m'aider !!!! comme vous le demandez, voici le rapport HIJACKTHIS Logfile of HijackThis v1.99.1 Scan saved at 11:25:08, on 11/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\System32\Drivers\WTSRV.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\Apps\ActivBoard\MMKeybd.exe C:\WINDOWS\system32\WService.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\mr bouazziz\Bureau\faby.exe.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.packardbell.fr/center R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {D561B009-73D3-EC01-06A4-B7F062B6A59D} - C:\DOCUME~1\MRBOUA~1\APPLIC~1\EXITSO~1\phonebase.exe (file missing) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [WService] WService.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8471f45254774e3d9467033014110dd3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8471f45254774e3d9467033014110dd3 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: bw+0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)