demande evaluation de log hijackthis urgent !!

[jpt]

bonjour à tous !

 

je reformule mon pb de hier au soir et demande de l'aide pour remédes éventuels ...

 

cf log ci-apres...

 

merçi pour votre aide !!

 

************

Logfile of HijackThis v1.99.1

Scan saved at 23:19:07, on 18/07/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\My_Server.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\system32\ps2.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\autoclk.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\WINDOWS\system32\ezSP_Px.exe

C:\Program Files\RAM Idle\RAM_XP.exe

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Radio net FR\Radio net FR.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Steganos Security Suite 2006\SSS2006.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Executive Software\DiskeeperLite\DKService.exe

C:\Program Files\Steganos Security Suite 2006\SSS2006.exe

c:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Steganos Security Suite 2006\PasswordManagerIEAutoFill.exe

C:\WINDOWS\system32\SatSrv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

c:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\system32\svchost.exe

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0000.1105\fr-fr\msntb.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0000.1105\fr-fr\msntb.dll

O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files\steganos internet anonym pro 7\siapro7iep.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [autoclk] autoclk.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe

O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle\RAM_XP.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"

O4 - HKLM\..\Run: [Radio net FR] C:\Program Files\Radio net FR\Radio net FR.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sSS2006] "C:\Program Files\Steganos Security Suite 2006\SSS2006.exe" -boot

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk.disabled

O4 - Global Startup: Microsoft Office.lnk.disabled

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB2.05.0000.1105\fr-fr\msntb.dll/search.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab

O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094303486687

O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://www.bobtv.fr/download/cfweb_www.bob..._instmodule.exe

O18 - Protocol: bw+0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {50CCB6B9-F908-4898-879C-669AF3C328B5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\SatSrv.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[WawaSeb]

Bonsoir jpt,

 

*** Bienvenue sur le forum sécurité de Zebulon ! ***

 

---> Je vois que tu as installé ZoneAlarm sur ta machine, ce qui est une très bonne chose !

--> As-tu bien désactivé le pare-feu de Norton ? Je ne crois pas...

-> Ce serait une mauvaise idée, ils peuvent entrer en conflit et poser des problèmes ou se détecter mutuellement comme menaces potentielles

 

# Avais-tu installé un modem sur cette machine ?

 

 

C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

*** Attention, HijackThis est mal placé, tu dois ABSOLUMENT le décompresser dans un dossier qui lui est propre avant de le relancer... sous peine de perdre tous tes backups ***

 

Tutoriaux : http://pageperso.aol.fr/balltrap34/demohijack.htm

http://sitethemacs.free.fr/aide_enregistre...e_hijackthi.htm

 

 

1) Désactive le Teatimer de Spybot

• Ouvre Spybot
  
• Rends-toi dans le menu Mode
  
• Coche la case Mode Avancé
  
• Clique sur Outils (tout en bas)
  
• Dans Résident, tu décoches la case Resident Teatimer
  -----> L'icône doit être absente de la barre des tâches...
  

 

2) Relance HijackThis, ferme toutes les autres fenêtres et fixe les lignes suivantes (si encore présentes) :

 

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

 

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

 

O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab <-- Si tu ne vas plus sur ce site

 

O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab <-- Si tu ne vas plus sur ce site

 

 

3) Télécharge OTMoveIt de OldTimer. Sauvegarde-le sur ton Bureau.

 

Copie le texte en citation ci-dessous (sélectionne-le en entier avec ta souris, puis fais un clic-droit dessus et choisis "Copier") :

 

C:\WINDOWS\system32\My_Server.exe

• Double-clique sur OTMoveIt.exe afin de lancer le programme
  
• Assure toi que la case "Unregister Dll's and Ocx's" soit bien cochée
  
• Fais un Clic-droit sur le cadre de gauche puis choisis Coller
  
• Clique à présent sur le bouton "MoveIt!"
  
• Un rapport va être créé, il se trouve dans C:\_OTMoveIt\MovedFiles\ (Le nom du rapport est la date de sa création)
  
• Poste ce rapport stp...
  

 

4) Télécharge ATF Cleaner de Atribune sur ton bureau. Ce programme sert à nettoyer les fichiers inutiles !

 

- Double-clique sur ATF-Cleaner.exe

 

Coche ceci :

• Windows Temp
  
• Current User Temp
  
• All Users Temp
  
• Cookies
  
• Temporary Internet Files
  
• Prefetch
  
• Java Cache
  
• Recycle Bin
  

- Clique sur Empty Selected et au message "Done Cleaning" sur Ok

 

 

5) Nous allons vérifier qu'il ne reste pas d'infection à l'aide d'un scan en ligne :

 

Rends-toi sur le site de Kaspersky WebScanner

Dans "Démonstration en ligne", tu as une explication de la marche à suivre

Pour démarrer l'analyse, tu sélectionnes "Exécuter l'analyse en ligne".

 

Cette manipulation doit absolument être effectuée avec Internet Explorer

 

Télécharge le contôle Active X, accepte .

Dans le menu "Choisissez la cible de l'analyse", sélectionne "Poste de travail".

Le scan va commencer. Poste le rapport qui sera généré stp.

 

Très bon tutoriel ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

 

Je vois que tu utilises Internet Explorer 7 : Si tu as des problèmes avec le bouton pour accepter la license, clique sur l'outil Zoom sur le bord droit de la fenêtre de Windows et règle-le à 75 %. Une fois que la license est acceptée, remets-le sur 100 %

 

 

Bon travail à toi... ou bonne nuit !