usurpation d'identité

[angelique]

Si tu ne peux pas enlever F-Secure normalement, utilise un logiciel de nettoyage de la BdR du type JV16.

Dans un premier temps, supprime d'abord tout "F-secure" de ton disque dur en faisant une recherche et en activant les options nécessaires pour visualier tous les fichiers, dans tous les endroits (système etc ...).

 

y'a un tool de developpé pour ça!

 

http://support.f-secure.com/enu/corporate/.../removeav.shtml

[Lien Rag]

Bonjour Angélique

 

alors je copie le lien

je colle le lien

et je le garde

 

merci

[brianb]

bonsoir à tous

 

comme demandé, voici le rapport navilog

 

Search Navipromo version 2.0.9 commencé le 02/09/2007 à 20:42:39,01

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Poster ce rapport sur le forum pour le faire analyser !!!

!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

 

Fix lancé depuis C:\Program Files\navilog1

Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO

 

Executé en mode normal

 

*** Recherche Programmes installes ***

 

 

 

 

*** Recherche dossiers dans C:\WINDOWS ***

 

 

 

 

*** Recherche dossiers dans C:\Program Files ***

 

 

 

 

*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***

 

 

 

 

*** Recherche dossiers dans C:\Documents and Settings\mr bouazziz.SN4970687158\Application Data ***

 

 

 

*** Recherche avec BlackLight Engine/F-secure ***

BlackLight Engine est un produit de F-secure, pour + d'infos :

http://www.f-secure.com/blacklight/blacklight_help.html

 

 

F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR

======================================

 

Copyright 2005-2006 F-Secure Corporation. All rights reserved.

This is a beta version. It will expire on 1st of October, 2007.

Version information: 2.2.1064.

 

[+] Started on 09/02/07 at 20:42:40.

[+] Initializing ...

[+] Starting scan, press Ctrl-C to abort.

[+] Scanning for hidden items ..............................................................................................................

[+] Scan complete.

[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.

[+] Exited on 09/02/07 at 20:56:10 (return code = 0).

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!

!!! A verifier impérativement avant toute suppression manuelle !!!

 

Fichiers trouvés :

 

Aucun Fichier trouvé !

 

Fichiers suspects :

 

Aucun Fichier suspect trouvé !

 

 

 

*** Recherche fichiers ***

 

 

 

 

*** Recherche cles registre ***

 

 

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]

 

 

 

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

 

 

 

Recherche Clé Magic Control

 

 

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche fichiers connus:

 

 

2)Recherche Heuristique :

*

**

***

****

*****

******

*******

********

 

 

3)Recherche Certificats :

 

Certificat Egroup absent !

 

 

*** Analyse Terminé le 02/09/2007 à 20:56:22,98 ***

 

et voici le rapport hijack (j'ai effacé fsecure avec l'utilitaire comme conseillé)

 

Logfile of HijackThis v1.99.1

Scan saved at 00:00:36, on 02/09/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Apps\ActivBoard\nhksrv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\WINDOWS\System32\Drivers\WTSRV.EXE

C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe

C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe

C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe

C:\Documents and Settings\mr bouazziz.SN4970687158\Bureau\hijack.exe

C:\WINDOWS\system32\wuauclt.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.packardbell.fr/center

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {D561B009-73D3-EC01-06A4-B7F062B6A59D} - C:\DOCUME~1\MRBOUA~1\APPLIC~1\EXITSO~1\phonebase.exe (file missing)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [spchkpbxci] c:\windows\system32\spchkpbxci.exe spchkpbxci

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1b899115aa524635ae2c03ac4feee1f2

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1b899115aa524635ae2c03ac4feee1f2

O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bw+0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

 

est-ce fini ?

 

merci à tous pour vos réponses et vos conseils !!!!!!!!

[Lien Rag]

relance Hijack " Do a scan only " et coche

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {D561B009-73D3-EC01-06A4-B7F062B6A59D} - C:\DOCUME~1\MRBOUA~1\APPLIC~1\EXITSO~1\phonebase.exe (file missing)

 

click Fix checked

 

ensuite

 

Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.

 

[*]Double-clique sur OTMoveIt.exe pour le lancer.

[*]Assure toi que la case "Unregister Dll's and Ocx's" soit bien cochée !!!

[*]Copie le texte qui se trouve dans l'encadré ci-dessous, et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved.

 

c:\windows\system32\spchkpbxci.exe

 

[*]Clique sur MoveIt! pour lancer la suppression.

[*]Si OTMoveIt propose de redémarrer ton PC, accepte.

[*]Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.

 

[*]Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.

[brianb]

re;

 

le rapport dit que le fichier c:\windows\system32\spchkpbxci.exe n'existe pas ! (je ne l'ai pas collé mais c'est ce qu'il y a marqué dans le cadre RESULTS)

 

(nb: il n'apparait d'ailleurs plus dans le rapport de NAVILOG)

 

par ailleurs, il y a avait un petit couac dans la procedure de OTMOVIT : il faut installer le fichier dans le rep c:\_otmoveit et il faut creer dedans le rep movedfiles (sinon ça marche pas!) mais c'est bon, j'ai rectifié de moimeme.

 

a+

[brianb]

Erreur stupide de ma part : j'ai collé l'ancien rapport hijack dans mon post précédent !

 

voici le BON rapport

 

Logfile of HijackThis v1.99.1

Scan saved at 22:42:36, on 02/09/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Apps\ActivBoard\nhksrv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\WINDOWS\System32\Drivers\WTSRV.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe

C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe

C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe

C:\Documents and Settings\mr bouazziz.SN4970687158\Bureau\hijack.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.packardbell.fr/center

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.packardbell.fr/center

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [PreAnnotate] C:\WINDOWS\System32\PreAnntt.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1b899115aa524635ae2c03ac4feee1f2

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1b899115aa524635ae2c03ac4feee1f2

O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bw+0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {743ADC40-D623-41F2-8011-4BF2A778C266} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

 

(et là, il n'y a plus le fichier spchkpbxci.exe !)

 

désolé de t'avoir induit en erreur Lien Rag !

 

a+

[Lien Rag]

 

Fais un scan en ligne de controle

 

scan panda en ligne

 

préalablement , desactive antivirus actuel

 

Une fois sur le site Panda

décoche la case "me tenir au courant des dernières nouvelles ..." avant de lancer le scan, pour ne pas reçevoir de mails de leur part.

accepte de renseigner les champs, effectue le scan , poste le rapport de scan dans prochain message

 

details Panda use:

"Analyser votre pc" -> "suivant" -> remplir adresse mail -> Pays/Etat-région -> envoyer -> laisser se dérouler le téléchargement du contrôle ActiveX -> sélectionner "Poste de Travail" -> fermer la popup

[brianb]

BONJOUR LIEN RAG;

 

AIE, IL RESTE DES CHOSES !

 

rapport panda :

 

 

Incident Statut Analyse

Outil indésirable:Application/Processor No Désinfecté E:\Documents and Settings\mr bouazziz.SN4970687158\Bureau\MSNFix\incl\Process.exe

Outil indésirable:Application/MyWebSearch No Désinfecté E:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll

Outil indésirable:Application/MyWebSearch No Désinfecté E:\Program Files\MSN Messenger\riched20.dll

Outil indésirable:Application/Processor No Désinfecté E:\Program Files\Navilog1\Process.exe

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/MyWebSearch No Désinfecté E:\WINDOWS\system32\f3PSSavr.scr

[brianb]

Bonsoir !

 

Lien Rag, je n'ai plus de message de ta part ?

Est-ce que quelqu'un pourrait me dire si ce qui suit est NORMAL ?

 

(Lien RAG , je te remercie de toute façon pour ton aide précieuse ci-dessus )

 

a+

 

rapport panda :

Incident Statut Analyse

Outil indésirable:Application/Processor No Désinfecté E:\Documents and Settings\mr bouazziz.SN4970687158\Bureau\MSNFix\incl\Process.exe

Outil indésirable:Application/MyWebSearch No Désinfecté E:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll

Outil indésirable:Application/MyWebSearch No Désinfecté E:\Program Files\MSN Messenger\riched20.dll

Outil indésirable:Application/Processor No Désinfecté E:\Program Files\Navilog1\Process.exe

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/MyWebSearch No Désinfecté E:\WINDOWS\system32\f3PSSavr.scr

[chtilo]

Bonsoir brianb,

 

Pour ces lignes c'est normal :

 

Outil indésirable:Application/Processor No Désinfecté E:\Program Files\Navilog1\Process.exe

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/Pskill.A No Désinfecté E:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

Outil indésirable:Application/Processor No Désinfecté E:\Documents and Settings\mr bouazziz.SN4970687158\Bureau\MSNFix\incl\Process.exe

 

C'est lié au outils de désinfection

 

Pour NPMyWebS.dll je ne peut m'avancé car je ne trouve rien et je ne suis pas seul donc pour le moment n'y touche pas.

 

Sinon nettoie tout ce qui est fichier temporaire en suivant les conseil de pré désinfection une fois que tu as fais ça va à la fin de ce topic mais lit tous quand même et si cela fonctionne vien le signaler ici sa peut aider d'autre personne.

 

Pour riched20.dll vas sur le site microsoft mais occupe toi de lui aprés avoir désinfecter ton PC.

 

Je pense que cela resoudra ton problème.

 

Amicalement