Trojan + Worm...sais pas quoi faire !

[fablin]

Avis aux experts car moi je m'y perds un peu !!!

Ma femme a ouvert un fichier NOKIA et là....alerte ! AVAST a détecté des virus dans ma machine. Je les ai supprimé puis lancé un nouveau scan sur avast. Résultat 0 infections trouvées.

Puis j'ai essayé avec SECUSER....et là 2 infections décelées

- TROJ DLOADER.HBK

- WORM SDBOT.FKM

impossible de les supprimer ni de mettre en quarantaine...

 

Comme je ne suis pas très calé, je me demande si ces infections sont dangereuses (je n'ose plus trop me servir de l'ordi maintenant) et surtout comment les éradiquer facilement..

 

Alors si quelqu'un à la solution....bah ça serait super sympa de me filer un coup de main...

[wong]

Bonsoir fablin et bienvenue,

 

Télécharge Hijackthis V 2.0.2 : http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe

 

Enregistre ce fichier sur le bureau. Ferme tous les programmes ouverts y compris le navigateur ( sauf ton anti-virus et pare-feux )

• Fais un double clic sur HJTInstall.exe afin de lancer l'installation ( par défaut il s'installera ici : C:\Program Files\Trend Micro\HijackThis ).
  
• Clique sur Install ensuite sur I Accept
  
• Clique sur Do a scan system and save log file
  
• Cela va t'ouvrir un rapport dans le Bloc-note à la fin du scan.
  
• Dans le Bloc-notes, vérifie dans le menu Format que l'option "Retour automatique à la ligne" n'est pas cochée.
  
• Enregistre le fichier sous le nom HJT1.txt.
  
• Copie/Colle tout son contenu dans ta prochaine réponse.
  

Pour t'aider, voici un Tuto en images : http://cybersecurite.xooit.com/t138-Hijack...-2-0-2.htm#1185

 

Cordialement.

[fablin]

Bonjur Wong,

 

Merci pour ton aide...ne sais pas si j'aurai le temps de faire ça de suite mais OK je m'y colle dès que possible et je renvoie le rapport

A + et encore merci

[fablin]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:43:30, on 10/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\DOCUME~1\ARTIGU~1\LOCALS~1\Temp\clclean.0001

C:\Program Files\Creative\VoiceCenter\AndreaVC.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Insider\Insider.exe

C:\Program Files\Words\Words.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe

C:\WINDOWS\system32\dlcccoms.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\mrofinu.exe

C:\WINDOWS\ccSvcHst.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE

O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1148.exe 61A847B5BBF72813339F30466188719AB689201522886B092CBD44BD8689220221DD325762EA4EBF968951185EFC412806867680AEDE604D64C2661373F815EBDCD66A47

O4 - HKLM\..\Run: [ccSvcHst.exe] C:\WINDOWS\ccSvcHst.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe

O4 - HKCU\..\Run: [insider] C:\Program Files\Insider\Insider.exe

O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: bw+0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

 

--

End of file - 23979 bytes

 

 

Voilà..je pensais pas que ça irait aussi vite !

J'y comprends rien, mais si ça vous parle.....

[fablin]

Nouveauté ce matin....8 infections avec secuser !

6 supprimées car non réparables, toujours les 2 mêmes impossibles à supprimer....

 

On me dit que le mieux serait encore de tout formater...

???????????????????????

Mr Wong....si vous avez une idée ?

[angelique]

wong est absent pour le moment , donc pour le faire avançer tu vas:

 

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:

http://sosvirus.changelog.fr/MSNFix.zip

 

Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.

- Exécutez l'option R.

-- Si l'infection est détectée, exécutez l'option N.

--- Sauvegardez ce rapport puis faites un copier/coller de ce rapport sur le forum, ainsi qu'un nouveau scan HijackThis fait en mode normal.

 

Note :

Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.

 

 

--------------------

 

wong te lira à son retour.

[fablin]

MSNFix 1.573

 

C:\Documents and Settings\Artiguenave Fabien\Bureau\MSNFix

Fix exécuté le 11/11/2007 - 12:30:01,29 By Artiguenave Fabien

mode normal

 

************************ Recherche les fichiers présents

 

... C:\Program Files\Fichiers communs\Carlson\carlton

... C:\PROGRA~1\inetget2\installeur.exe

... C:\PROGRA~1\Insider\Insider.exe

... C:\3d3t4t8n7l.exe

... C:\p6g7j3w2g3f5.exe

... C:\WINDOWS\b122.exe

... C:\WINDOWS\ccSvcHst.exe

... C:\WINDOWS\Dance_dec_jpg.zip

... C:\WINDOWS\mrofinu*.exe

... C:\WINDOWS\Nokia_19_jpg.zip

... C:\WINDOWS\Nokia_19_jpg.zip

... C:\WINDOWS\system32\microsoft\backup.ftp

... C:\WINDOWS\system32\microsoft\backup.tftp

... C:\WINDOWS\Dance_dec_jpg.zip

... C:\WINDOWS\Nokia_19_jpg.zip

 

************************ MSNCHK ***** /!\ beta test /!\

 

 

 

************************ Recherche les dossiers présents

 

... C:\Program Files\Fichiers communs\Carlson\

... C:\PROGRA~1\InetGet2\

... C:\PROGRA~1\Insider\

... C:\PROGRA~1\Temporary\

... C:\PROGRA~1\WinAble\

... C:\Temp\

 

 

 

 

************************ Suppression des fichiers

 

.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton

.. OK ... C:\PROGRA~1\inetget2\installeur.exe

/!\ ... C:\PROGRA~1\Insider\Insider.exe

.. OK ... C:\3d3t4t8n7l.exe

.. OK ... C:\p6g7j3w2g3f5.exe

.. OK ... C:\WINDOWS\b122.exe

/!\ ... C:\WINDOWS\ccSvcHst.exe

.. OK ... C:\WINDOWS\Dance_dec_jpg.zip

/!\ ... C:\WINDOWS\mrofinu*.exe

.. OK ... C:\WINDOWS\Nokia_19_jpg.zip

.. OK ... C:\WINDOWS\Nokia_19_jpg.zip

.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp

.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp

.. OK ... C:\3d3t4t8n7l.exe

.. OK ... C:\p6g7j3w2g3f5.exe

.. OK ... C:\3d3t4t8n7l.exe

.. OK ... C:\p6g7j3w2g3f5.exe

.. OK ... C:\3d3t4t8n7l.exe

.. OK ... C:\p6g7j3w2g3f5.exe

.. OK ... C:\3d3t4t8n7l.exe

.. OK ... C:\p6g7j3w2g3f5.exe

.. OK ... C:\WINDOWS\Dance_dec_jpg.zip

.. OK ... C:\WINDOWS\Nokia_19_jpg.zip

 

 

************************ Suppression des dossiers

 

.. OK ... C:\Program Files\Fichiers communs\Carlson\

.. OK ... C:\PROGRA~1\InetGet2\

/!\ ... C:\PROGRA~1\Insider\

.. OK ... C:\PROGRA~1\Temporary\

.. OK ... C:\PROGRA~1\WinAble\

.. OK ... C:\Temp\

 

 

************************ Nettoyage du registre

 

 

 

Les fichiers encore présents seront supprimés au prochain redémarrage

 

 

************************ Suppression des fichiers

 

.. OK ... C:\PROGRA~1\Insider\Insider.exe

.. OK ... C:\WINDOWS\ccSvcHst.exe

.. OK ... C:\WINDOWS\mrofinu*.exe

 

 

 

************************ Fichiers suspects

 

Aucun Fichier trouvé

 

 

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 11112007_12361620.zip

 

 

------------------------------------------------------------------------

Auteur : !aur3n7 Contact: http://changelog.fr

------------------------------------------------------------------------

 

--------------------------------------------- END ---------------------------------------------

 

 

Merci Angélique d'avoir pris le relai

je viens de faire la manip....

pour le scan Hijackthis je vais le lancer...

A +

[fablin]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:05:32, on 11/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Creative\VoiceCenter\AndreaVC.exe

C:\DOCUME~1\ARTIGU~1\LOCALS~1\Temp\clclean.0001

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe

C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Words\Words.exe

C:\WINDOWS\system32\dlcccoms.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE

O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: bw+0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {42BF10F8-E97D-4513-A274-E1238F52E3EA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

 

--

End of file - 23229 bytes

 

 

Et voici pour le nouveau scan Hijackthis....

j'espère que j'ai fait correctement....

[wong]

Bonjour fablin, Hello angelique,

 

Merci à angelique pour son intervention.

 

Je ne vois pas de Pare-feu sur ton PC. Est-ce que tu utilises celui de XP ? ( si oui, ce dernier ne filtre que les requettes entrantes, il faudra mettre un vrai Pare-feu ).

 

Ton Antivirus est Avast qui est loin de ce que l'on a fait de mieux en matière de protection, voir ce lien pour plus d'informations : http://forum.malekal.com/ftopic3528.php

 

Tu le remplaceras après le nettoyage.

 

 

1°) Téléchargement d'utilitaires :

 

Télécharge Clean ( de Malekal ) : http://www.malekal.com/download/clean.zip

• Enregistre-le sur ton bureau.
  
• Tu fais un clique droit sur ton fichier clean.zip et dans le menu déroulant, tu cliques sur extrait tout ou extraire ici.
  
• Cela va créer un dossier clean sur ton bureau.
  

Télécharge ATF Cleaner par Atribune : http://www.atribune.org/ccount/click.php?id=1

 

Enregistre-le sur ton bureau ( ou mieux dans un répertoire dédié : C:\ATF\ATF Cleaner.exe ).

 

Télécharge AVG Anti-Spyware de ewido/grisoft sur ton bureau : http://www.ewido.net/en/download/

• Lance le depuis l'icône presente sur ton bureau.
  
• Clique sur modifier l'état du bouclier résident et mise à jour automatique, pour désactiver ces deux fonctions.
  
• Clique sur mise à jour, commence la mise à jour.
  
• Clique sur analyse puis sur paramètres.
  
• Clique sur actions recommandées puis sur quarantaine.
  
• Ferme le programme.
  

Tuto Malekal : http://www.malekal.com/tutorial_AVG_AntiSpyware.html

 

 

2°) Redémarre en mode sans échec

 

Durant cette phase, tu n'auras pas d'accès Internet. Je te conseille d'imprimer la procédure ( ou, événtuellement, de l'enregistrer dans un fichier texte ).

• Clique sur Démarrer
  
• Clique sur Arrêter l'ordinateur
  
• Dans la fenêtre qui s'ouvre : clique sur " Redémarrer "
  
• Appui sur la touche F8 ( ou F5 sur certains PC ) dès qu'un écran de texte apparaît ( puis disparaît ).
  
• Utilise les touches de direction pour sélectionner le mode sans échec voulu ( " mode sans échec " seul )
  
• Appui dur la touche " ENTRÉE "
  
• Attend la fenêtre avec le choix des sessions ( noms d'administrateurs ).
  
• Clique sur ta session normale : ton nom (Administrateur )
  
• Une nouvelle fenêtre s'affiche " Bureau " : clique sur OUI
  

Pour éventuellement t'aider voici un tuto en images : http://www.malekal.com/modesansechec.php

 

 

2.1 - Nettoyage avec Clean

• Double-clic sur ce dossier clean, tu y trouveras dedans plusieurs fichiers.
  
• Double-clic sur clean. Cela va ouvrir une fenêtre noire.
  
• Un menu va apparaître, choisis l'option 2 en appuyant sur la touche 2 de ton clavier.
  
• Clean va travailler.
  
• Un rapport va etre génèré, Copie/Colle le contenu du rapport dans ta prochaine réponse
  

2.2 - Nettoyage avec AVG Anti-Spyware[/color]

 

Procedure préalable à l'utilisation d'AVG Anti-Spyware : Très important pour bien supprimer les fichiers tmp ,cookies et autres, pour une meilleure lecture du rapport d'AVG Anti-Spyware.

 

Double-clique ATF Cleaner.exe afin de lancer le programme.

• Main correspond à IE
  
• Sous l'onglet Main, choisis : Select All
  
• Clique sur le bouton Empty Selected
  

Si tu utilises le navigateur Firefox :

• Clique Firefox au haut et choisis : Select All
  
• Clique le bouton Empty Selected
  
• NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
  

Si tu utilises le navigateur Opera :

• Clique Opera au haut et choisis : Select All
  
• Clique le bouton Empty Selected
  
• NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
  

Clique Exit, du menu principal, afin de fermer le programme.

 

 

Lance AVG Anti-Spyware

 

Clique sur scanner, puis sur scan complet du système.

 

Si des fichiers malveillants sont trouvés :

• Clique sur Appliquer toutes les actions
  
• Clique sur enregistrer le rapport d'analyse.
  
• Colle le rapport dans ton prochain message
  

Pour t'aider tu as deux tutos à ta disposition:

• ATFCleaner: http://pitcatsite.ovh.org/html/ATFCleaner.html
  
• AVG Anti-Spyware: http://pitcatsite.ovh.org/html/avg_a-s.html
  

3°) Redémarre en mode normal

 

Lance HijackThis : Clique sur Do a scan system and save log file

 

Copie/Colle le rapport HijackThis dans ta réponse

 

 

J'attends 3 rapports ( celui de Clean, de AVG AS et celui de HijackThis ).

 

 

Cordialement.