probleme avec un spyware

[alpina d10]

bonjour a tous

mon probleme c'est qu'une cochonnerie c'est installer sur mon pc et je n'arrive pas a le retirer ni a le localisé .spybot a analyser mon pc est ne trouve rien du tout.la grosse dificltèes c 'est que cette ..... ralentis mon pc m'envoye des pub et a chaque touche appuyer me marque: error system au secours

je viens de mettre hijackthis et voila ce qu'il me marque sa me fait peur

Logfile of HijackThis v1.99.1

Scan saved at 11:09:17, on 03/03/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\netdde.exe

C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\clipsrv.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE

C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\F-Secure\Anti-Virus\fssm32.exe

C:\WINDOWS\system32\lxctcoms.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\vssvc.exe

C:\Program Files\F-Secure\Common\FSMA32.EXE

C:\Program Files\F-Secure\Common\FSMB32.EXE

C:\Program Files\F-Secure\Common\FCH32.EXE

C:\Program Files\F-Secure\Common\FAMEH32.EXE

C:\Program Files\F-Secure\Common\FNRB32.EXE

C:\Program Files\F-Secure\Anti-Virus\fsav32.exe

C:\Program Files\F-Secure\Common\FIH32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\F-Secure\Common\FSM32.EXE

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Lexmark 5400 Series\lxctmon.exe

C:\Program Files\Lexmark 5400 Series\ezprint.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\WINDOWS\wmpdxm.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"

O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4..._1071_em_XP.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://olivierolivierconroux.spaces.msn.co...ad/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155119580000

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: bw+0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE

O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

merci pour l'aide que vous pourrez m'apporter

[pear]

Bonjour,

Suppression de Magic.Control avec navilog1 (procédure courte)

 

 

# Si vous utilisez Antivir (ce qui est recommandé), vous devez désactiver la protection en temps réel, Antivir détecte certains composant de navilog1 comme néfaste.

 

* Pour cela, faites un clic droit sur l'icône Antivir en bas à droite à côté de l'horloge puis Disable Guard.

Sous Vista:

Désactiver le contrôle des comptes utilisateurs ( le réactiver après la désinfection):

http://forum.malekal.com/viewtopic.php?f=59&t=6517

- Démarrer puis panneau de configuration->"Comptes d'utilisateurs"

- Cliquer ensuite sur désactiver et valider.

Télécharger maintenant Navilog1 depuis-ce lien :

 

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

 

. et enregistrez-le sur lebureau.

Ensuite double cliquer sur navilog1.exe pour lancer l'installation.

Une fois l'installation terminée, Faire un Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisir "Exécuter en tant qu'administrateur".

 

 

 

Au menu principal, Faire le choix 1

Suivre les instructions et patienter jusqu'au message :

*** Analyse Terminée le ..... ***

Poster le rapport

 

[alpina d10]

bonjour merci a vous pour la reponse aussi rapide

le petit soucis c'est que je suis sous windows sp est ce que sa change le probleme?

merci pour votre reponse

[alpina d10]

oups desoler xp evidemment

[alpina d10]

bonjour, apres avoir fait une analyse voici ce qu il me donne

Logfile of HijackThis v1.99.1

Scan saved at 11:09:17, on 03/03/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\netdde.exe

C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\clipsrv.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE

C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\F-Secure\Anti-Virus\fssm32.exe

C:\WINDOWS\system32\lxctcoms.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\vssvc.exe

C:\Program Files\F-Secure\Common\FSMA32.EXE

C:\Program Files\F-Secure\Common\FSMB32.EXE

C:\Program Files\F-Secure\Common\FCH32.EXE

C:\Program Files\F-Secure\Common\FAMEH32.EXE

C:\Program Files\F-Secure\Common\FNRB32.EXE

C:\Program Files\F-Secure\Anti-Virus\fsav32.exe

C:\Program Files\F-Secure\Common\FIH32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\F-Secure\Common\FSM32.EXE

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Lexmark 5400 Series\lxctmon.exe

C:\Program Files\Lexmark 5400 Series\ezprint.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\WINDOWS\wmpdxm.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"

O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egaccess4..._1071_em_XP.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://olivierolivierconroux.spaces.msn.co...ad/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155119580000

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: bw+0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {060D11F6-D06F-412B-BBE4-D550DCB0133E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE

O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

 

quelle charabia

[pear]

C'est le rapport de navilog qu'il me faut.

[alpina d10]

bonjour ,

a un moment navilog me demande :

1- recherche

2-desinfection automatique

3-desinfection automatique sans prise en charg resultats catchme/gns

4-desinfection manuelle par saisie nom adware

si c 'est bien le petit 1 qu'il faut choisir la reponse qu'il me donne est au-dessus sinon dites quelle chiffre il faut choisir merci

desoler pour ce qui vous parez evidemment pour moi c'est un vraiment cauchemar

je vais refaire la manipulation pour verifiez le rapport qu il me donne

merci pour tes reponses rapides

[pear]

Dans mon message, c'était écrit:

 

Au menu principal, Faire le choix 1

[alpina d10]

la oui vraiment sa prouve mon incompetence pour l'informatique

le rapport donc le voici je pense

Search Navipromo version 3.4.8 commencé le 03/03/2008 à 18:10:28,20

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

 

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 25.02.2008 à 20h00 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.11

Système de fichiers : NTFS

 

Executé en mode normal

 

*** Recherche Programmes installés ***

 

 

 

 

*** Recherche dossiers dans C:\WINDOWS ***

 

C:\WINDOWS\msskinner trouvé !

 

 

*** Recherche dossiers dans C:\Program Files ***

 

 

 

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

 

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\uset\applic~1" ***

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\uset\locals~1\applic~1" ***

 

 

 

*** Recherche dossiers dans "C:\Documents and Settings\uset\MENUDM~1\PROGRA~1" ***

 

 

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

 

 

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***

pour + d'infos : http://www.gmer.net

 

Fichier(s) caché(s) :

 

C:\WINDOWS\system32\sjnncwvhn.dat

C:\WINDOWS\system32\sjnncwvhn.exe

C:\WINDOWS\system32\sjnncwvhn_nav.dat

C:\WINDOWS\system32\sjnncwvhn_navps.dat

 

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!

!!! A vérifier impérativement avant toute suppression manuelle !!!

 

* Recherche dans C:\WINDOWS\system32 *

 

* Recherche dans "C:\Documents and Settings\uset\locals~1\applic~1" *

 

 

 

*** Recherche fichiers ***

 

 

C:\WINDOWS\Downloaded Program Files\egaccess4.inf trouvé !

C:\WINDOWS\Downloaded Program Files\IaLdr32.inf trouvé !

C:\WINDOWS\pack.epk trouvé !

C:\WINDOWS\tmlpcert2007 trouvé !

C:\WINDOWS\system32\EGACCESS.dll trouvé !

C:\WINDOWS\system32\EGACCESS.dll trouvé !

C:\WINDOWS\system32\nvs2.inf trouvé !

 

 

*** Recherche clés spécifiques dans le Registre ***

 

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche nouveaux fichiers Instant Access :

 

 

2)Recherche Heuristique :

 

* Dans C:\WINDOWS\system32 :

 

sjnncwvhn.dat trouvé !

 

* Dans "C:\Documents and Settings\uset\locals~1\applic~1" :

 

 

3)Recherche Certificats :

 

Certificat Egroup trouvé !

 

4)Recherche fichiers connus :

 

C:\WINDOWS\system32\bdeeg.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

 

 

*** Analyse terminée le 03/03/2008 à 18:14:54,90 **

[pear]

Bonsoir,

 

Clic-droit sur le raccourci Navilog1 sur le bureau et choisir "Exécuter en tant qu'administrateur".

Au menu principal, choisir 2 et valider.

 

Le fix va informer qu'il va alors redémarrer le PC

Fermer toutes les fenêtres ouvertes et enregistrer les documents personnels ouverts

Appuyer sur une touche comme demandé.

(si le Pc ne redémarre pas automatiquement, Redémarrer)

Au redémarrage du PC, choisir la session habituelle.

 

Patienter jusqu'au message :

"*** Nettoyage Termine le ..... ***"

Le bloc-notes va s'ouvrir.

Sauvegarder le rapport de manière à le retrouver

Refermer le bloc-notes

.Le bureau va réapparaitre

 

Démarrer -> panneau de configuration -> options internet

Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

 

electronic-group ; egroup ; Montorgueil ; VIP ; "Sunny Day Design Ltd"

 

=> Supprimez-les tous

 

PS:Si le bureau ne réapparaît pas, CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.

Puis à l'onglet "processus". Cliquer en haut à gauche sur fichiers et choisir "exécuter"

Taper explorer et valider.

 

Désinstaller Navilog1 Via ajout/suppression des programmes --> Navilog1

Ensuite supprimer ce dossier : C:\Program Files\navilog1

 

Désactiver l'antivirus actuel et faire un scan panda en ligne

http://www.pandasoftware.com/activescan/fr...6&IdPais=69

Poster le rapport

 

 

Télécharger VundoFix.exe (par Atribune) sur leBureau.

 

* Double-cliquer VundoFix.exe afin de le lancer

* Cliquer sur le bouton Scan for Vundo

* Lorsque le scan est complété, cliquer sur le bouton Remove Vundo

* Une invite demandera si vous voulez supprimer les fichiers, clique YES

* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

* Une invite annonce que le PC va redémarrer; cliquer OK

* Copier/coller le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans la prochaine réponse

J'attends donc 3 rapports.