Virus Sasser? impossible de s'en debarasser [Résolu]

thierry - Dernière réponse le 27 août 2006 à 21:28

Bonjour,

j'ai choppé un virus ce mercredi.
D'après les symptomes, cela doit etre le virus Sasser (compte a rebours, erreur de lsass.exe etc...).
J'ai lu a peu près 200 messages a ce sujet, utilisé tous les patchs qui existe contre sasser, 3 antivirus, 3 desinfections en ligne et... toujours la!
Est ce une nouvelle version de Sasser?
Est ce autre chose que sasser?

J'ai vu sur des forum que certain laissaient leur hijackthis... je ne sais pas ce que c'est, mais si ca peut vous aider à m'aider...
Je vous remercie d'avance.

Logfile of HijackThis v1.99.1
Scan saved at 18:26:32, on 17/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\system32\nhsrvice.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ADT-Image\ALC\Prog\Alc\InterBase\bin\ibserver.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Utilisateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: ADT-Image.lnk = ?
O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4825/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: HASP Loader - Aladdin Knowledge Systems - C:\WINDOWS\system32\nhsrvice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Virus Sasser? impossible de s'en debarasser »

Suggestions

Virus Sasser? impossible de s'en debarasser
Le ver Sasser » Articles
Virus v32.myzor.fk à me débarasser (Résolu) » Forum
Virus Zafi b comment m'en débarasser (Résolu) » Forum
Virus Sasser besoin d'aide (Résolu) » Forum
Diagnotic ordi virus sasser ? (Résolu) » Forum
Virus rlvknlg.exe comment s'en débarasser? (Résolu) » Forum
Virus sasser ?lsass.ex MPR.DLL absent (Résolu) » Forum
Virus Sasser » Forum
3 virus dont je ne peux me débarasser » Forum

Plus

Réponse

boulepate62 23341Messages postés 14 mars 2006Date d'inscription 10 novembre 2011Dernière intervention 17 août 2006 à 22:22

Salut,

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: ADT-Image.lnk = ?
O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4825/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: HASP Loader - Aladdin Knowledge Systems - C:\WINDOWS\system32\nhsrvice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

Clic sur demarrer, executer, tape: services.msc ,cherche dans la liste ces lignes et regle les sur "desactivé"

HASP Loader - Aladdin Knowledge Systems
MySQL

Règle celle-ci sur "manuel"

GEARSecurity

Fais ce nettoyage: (à faire réguliérement)

¤Telecharges et installes ceci:
CCleaner:
Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

Cherche et supprime ces fichiers:

nhsrvice.exe
Program.exe

NOTE:
Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

Tu as quoi comme logiciels anti-spywares ?

A++

Ajouter un commentaire - Site web

thierry - 18 août 2006 à 08:48

salut

merci pour ta réponse, je vais essayer.

Pour info, j'ai ad-aware et spy boat .

Bye

Réponse

thierry 18 août 2006 à 10:49

Lut,

j'ai fait ce que tu m'as dit, mais a priori ca ne change rien.

Je n'arrive plus a démarré normalement, donc j'ai tout fait en mode sans echec.

Est-ce important?

Ajouter un commentaire

Réponse

Kritian 8Messages postés 17 août 2006Date d'inscription 18 août 2006 à 11:56

Salut Thierry, pour ton problême il faut en premier lieu que tu identifie précisement le malware qui est dans ton ordi ensuite tu desactive la restauration du systême car le virus se replique dans les fichiers de restaurations puis tu te mets en mode sans echec pour eradiquer la bestiole par un procédé spécifique au malware précédamment identifier.Si tu arrive à trouver le nom exact de ton malware (virus,trojan,ver,rootkit...)je peux te donner la marche à suivre ultérieurement.Pour le debut,si tu as windows xp sp2 à jour, tu peux essayer ça pour l'identification :
sur le bureau : démarrer, exécuter , taper "mrt" dans le cadre, suivant, choisir "complete" et enfin , suivant.Le nombre de virus détecté est restreint mais il s'agit des plus virulent et recalcitrant.Si le tient n'est pas de ceux-la, l' enlever ne sera pas trop difficile.Bon courage!

Ajouter un commentaire

Réponse

thierry 18 août 2006 à 12:38

salut Kritian

aucun logiciel maveillant detecté.

C'est ca le problème, aucun antivirus ou logiciel ne detecte un virus...

Je ne sais plus quoi faire.

Ajouter un commentaire

boulepate62 - 18 août 2006 à 18:14

Salut,

peux tu remettres un rapport Hijackthis fait de préference en mode normal!

Réponse

laurentino83 20Messages postés 18 août 2006Date d'inscription 18 août 2006 à 19:15

Je suis toutes les files concernant le virus Sasser , (je crois l'avoir chopé -Message Autorite NT\systeme et compte à rebours ...)De plus je reçois des messages de mon FAI m'indiquant que j'ai un OPEN PROXY...
voila j'ai déja fait un hijackthis dont voici le contenu.
Merci de m'aider, je patauge un peu.........
*********************************

Logfile of HijackThis v1.99.1
Scan saved at 17:58:32, on 18/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\Program Files\oneclick\oneclick.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\rpcc.exe
C:\WINDOWS\System32\dxvwfiub.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Calendrier\Cld2000.exe
C:\WINDOWS\System32\services.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Documents and Settings\Administrateur\Bureau\emule\emule.exe
c:\program files\club-internet\naviclub\naviclub.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Acrobat IE Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Ajouter un commentaire

boulepate62 - 18 août 2006 à 20:03

on va refaire une touche de nettoyage ;-)

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe

Clic sur demarrer, poste de travail, C:, program files, cherche et supprime ce dossier:

Seekmo

Clic sur demarrer, poste de travail, C:, program files, Common files, et supprime ce dossier:

SearchUpgrader

Fais une recherche de ces fichiers supprime les si présent:

dxvwfiub.exe
stonedrv.exe
xpupdate.exe
dxvwfiub.exe

NOTE:
*Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

Installe un anti-virus car tu en as pas apparement, en voici un!

Avast: (anti-virus gratuit en français!)
Avast Antivirus

Tiens nous au courant dès que tu aura fait tout ça, pense à remettre un nouveau rapport hijackthis par la suite

Réponse

laurentino83 20Messages postés 18 août 2006Date d'inscription 20 août 2006 à 12:33

Salut boulepate62!
J'ai fait l'opération sous hijackthis.
Puis les fichiers que tu me demandes de supprimer sont inconnus sous les directory cités...(Seekmo,etc...)
Même en mode sans échec.
C'est vrai que la je n'ai pas d'anti-virus .en fait je l'ai supprimé (AVAST-tant bien que mal) car à chaque connexion , il me signalait la présence d'un virus , même en cliquant sur réparer ou supprimer, j'avais sans cesse les messages (en plus avec Avast on a la petite voix qui nous le signale -énervant à la fin...)
Bref si je l'avais pas supprimé, je serais encore en train de cliquer sur "réparer".
Cependant, voici un nouveau rapport Hijackthis....@+
*************************************
Logfile of HijackThis v1.99.1
Scan saved at 05:57:57, on 20/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\Program Files\oneclick\oneclick.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\windows\system32\stonedrv.exe
C:\WINDOWS\System32\rpcc.exe
C:\WINDOWS\System32\dxvwfiub.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Calendrier\Cld2000.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\WINDOWS\System32\services.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\program files\club-internet\naviclub\naviclub.exe
C:\WINDOWS\explorer.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Acrobat IE Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [seekmo] C:\Program Files\Seekmo\seekmo.exe
O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Ajouter un commentaire

boulepate62 - 22 août 2006 à 05:48

Salut Laurentino

réinstalle Avast car s'il te donne des alertes comme quoi il y a des virus c'est qu'il fait son travail, c'est le but d'avoir un anti-virus pour nous proteger et avertir en cas de virus.

Pour la petite voix tu peux la couper dans les "preferences" si mes souvenirs sont bons.

Remets Avast puis fait ça:

Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp avec un nouveau rapport hijackthis

http://www.bitdefender.com/scan8/ie.html

A++

laurentino83 - 22 août 2006 à 13:18

Re,
Concernant l'antivirus , j'ai deja installé antivir...
voici le rapport bitdefender:

BitDefender Online Scanner - Real Time Virus Report

Generated at: Tue, Aug 22, 2006 - 13:14:44

--------------------------------------------------------------------------------

Scan Info

Scanned Files
272613

Infected Files
12

Virus Detected

Backdoor.Newartm.A
1

BehavesLike:Win32.SiteHijack
8

Trojan.Downloader.Agent.AFB
1

Backdoor.Delf.AML
1

Trojan.Spy.Agent.MN
1

************************************
et voici le rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 13:17:55, on 22/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\oneclick\oneclick.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\rpcc.exe
C:\WINDOWS\System32\dxvwfiub.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Calendrier\Cld2000.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\WINDOWS\System32\services.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
c:\program files\club-internet\naviclub\naviclub.exe
C:\WINDOWS\System32\taskmgr.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [OneClick] "C:\Program Files\oneclick\oneclick.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\WINDOWS\System32\dxvwfiub.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [a_usdll] cmd /C "del C:\WINDOWS\System32\Macromed\Download\Download.dll"
O4 - HKLM\..\RunOnce: [b_usexe] cmd /C "del C:\WINDOWS\System32\Macromed\Download\Download.exe"
O4 - HKLM\..\RunOnce: [c_usdir] cmd /C "rmdir /Q C:\WINDOWS\System32\Macromed\Download"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp3072.exe
O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp5120.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\AntiViral Toolkit Pro\avpm.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: FlowProtector 2005.lnk = C:\Program Files\CheckFlow\FlowProtector\FlowProtector2005.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

boulepate62 - 22 août 2006 à 17:28

re,

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE083} - C:\WINDOWS\system\ctldlg32.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp3072.exe
O4 - HKCU\..\Run: [Winsvr] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2.tmp5120.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\WINDOWS\System32\dxvwfiub.exe

Clic sur demarrer, rechercher, cherche et supprime ces fichiers si encore présent

dxvwfiub.exe
xpupdate.exe
taskdir.exe
ctldlg32.dll

Cli sur demarrer, poste de travail, C:, program files, cherche et supprime ce dossier:

MSN Apps

A noter que:
*Si un fichier persiste lors de la suppression fais ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

Fais ce nettoyage: (à faire réguliérement)

¤Telecharges et installes ceci:
CCleaner:
Ccleaner

dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici avec un nouveau rapport hijackthis
Ewido: (installe le en anglais il passera en français, reste gratuit après la période d'essai)
Télécharger Ewido Security Suite

On devrait se rapprocher de la fin ;-)

Réponse

thierry 22 août 2006 à 08:46

salut Boulepate,

je n'ai pas réussi à supprimer mon virus, heureusement, j'avais une image norton ghost d'avant les vacances.
Donc ca fonctionne, en espérant que le virus n'était pas déjà présent.

Merci qd meme pour ton aide.

Thierry

Ajouter un commentaire

boulepate62 - 22 août 2006 à 16:58

Salut Thierry,

ton rapport hijackthis, tu l'as fait juste après avoir utiliser Norton Gost ? si oui, c'est pire qu'avant :-/

confirmes moi s'il te plait.

A++

Réponse

laurentino83 22 août 2006 à 17:10

Salut boulepate,

Je crois que le rapport Hijack auquel tu fais allusion est le mien!!
Si tu dis que c'est pire qu'avant pour lui , alors c'est que ca craint pour moi , non?
Alors ton analyse sur ce rapport?

Dans l'attente de ta réponse, Merci bcp...

Ajouter un commentaire

boulepate62 - 22 août 2006 à 17:19

Salut Laurentino,

si c'est le tiens, non ça va ont a pas fini normal :-P

J'te repond de suite

c'est ça d'être à plusieurs sur un post :-/

Réponse

laurentino83 23 août 2006 à 22:26

Up..SVP

Ajouter un commentaire

Afficher les 4 commentaires

laurentino83 - 24 août 2006 à 10:36

Salut boulepate,
sorry, j'avais pas vu!
Je me mets au travail
@+

laurentino83 › boulepate62 - 24 août 2006 à 11:43

Re Boulepate,
concernant les fichiers à supprimer , je ne les ai pas trouvé.
Seul fichier trouvé, MSN Apps --> suppression OK
voici le rapport Ewido:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:38:23 24/08/2006

+ Scan result:

C:\WINDOWS\azesearch.bmp -> Adware.Azesearch : No action taken.
C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : No action taken.

::Report end

***************
et le rapport HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 11:41:50, on 24/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Calendrier\Cld2000.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
c:\program files\club-internet\naviclub\naviclub.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Merci de ta colaboration

boulepate62 - 24 août 2006 à 17:14

Salut Laurentino

Supprime les deux fichiers trouvés par Ewido.

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)

Pourquoi as-tu supprimé Kerio ? il serait utile de remettre un pare-feu efficace! Peut etre un peu chiant au debut mais ça a ces raisons ;-)
Si à tes yeux Kerio etait trop compliqué,tu peux effacer celui-ci

ZoneAlarm: (pare-feu gratuit, en français)
Zone Alarm

Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

http://www.bitdefender.com/scan8/ie.html

A++

Réponse

laurentino83 20Messages postés 18 août 2006Date d'inscription 24 août 2006 à 19:10

Re Boulepate,
Eh bien, il etait long le scan bitdefender (1h15!)
Voici le rapport , apparemment aucun pb?
BitDefender Online Scanner - Real Time Virus Report

Generated at: Thu, Aug 24, 2006 - 18:38:30

--------------------------------------------------------------------------------

Scan Info

Scanned Files
233464

Infected Files
0

Virus Detected

No virus found.

Ajouter un commentaire

boulepate62 - 24 août 2006 à 19:16

ça me semble ok et de ton côté ?

laurentino83 - 24 août 2006 à 19:27

J'ai eteins et relancer le PC et tout a l'air de fonctionner normalement (plus de compte à rebours Autorite NT...).

Je te dis donc un grand MERCI pour ta patience et ta collaboration.
Laurentino

Réponse

laurentino83 20Messages postés 18 août 2006Date d'inscription 24 août 2006 à 19:12

Ah encore une chose
sous internet Explorer je n'ai pas acces à la barre d'information Active X
Normal?
Merci

Ajouter un commentaire

boulepate62 - 24 août 2006 à 19:52

Oui, c'est normal car ton système d'exploitation n'est pas à jour, pour regler le probléme, il suffit de faire les mises à jours.

¤ Mises à jours ¤

Clic sur "demarrer", "tous les programmes", tout en haut "Windows Update" puis telecharge toutes les mises à jour qu'il te trouve, tu peux refaire cette opération plusieurs fois à la suite, même si ton PC aura redemarrer, car ton système est loin d'être à jour ;-)

laurentino83 - 24 août 2006 à 20:09

Apparemment, je l'avais deja effectué et j'avais eu le meme message qu'a l'instant, c'est-à-dire:
***Le site Web a rencontré une erreur et ne peut pas afficher la page demandée***
Je ne peux pas effectuer les mises à jour Window?

Dans l'attente de ton analyse...

Réponse

laurentino83 20Messages postés 18 août 2006Date d'inscription 24 août 2006 à 19:45

De plus,
au niveau du gestionnaire de taches, j'ai encore une utilisation de l'UC qui monte souvent a 100% , ralentissant énormément le PC??
Est-ce normal?

Ajouter un commentaire

Afficher les 9 commentaires

laurentino83 - 24 août 2006 à 21:16

rpcc.exe apparemment non present..

Voici le nouveau rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 21:14:20, on 24/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Calendrier\Cld2000.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Documents and Settings\Administrateur\Bureau\emule\emule.exe
c:\program files\club-internet\naviclub\naviclub.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tous Télécharger par ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Télécharger avec Re&Get Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: offline-8876480 - {D41546CA-AF89-41E2-AD74-10E9DDA09EF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FlowProtectorService - Unknown owner - C:\Program Files\CheckFlow\FlowProtector\4.0.0.1\FlowService.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

laurentino83 › boulepate62 - 24 août 2006 à 21:39

Boulepate,
en analysant le rapport hijack, je viens de voir cette ligne
O4 - HKLM\..\Run: [rpcc] rpcc.exe

En faisant demarrer/rechercher comme tu me le demandais, ce fichier n'était pas présent...

J'ai coché la case et fait un fix. c'est bon ou j'ai fait une conn****?

@+

boulepate62 - 25 août 2006 à 04:51

Salut Laurentino

non, tu n'as pas fait de connerie, regarde dans tes emails et fais le tri, pour ne garder que ce que tu as vraiement besoin le reste poubelle et vide la.

Si tu n'as pas l'un des logiciels ci-dessous telecharge le(s) puis scan ton PC complétement:

SpyBot-Search & Destroy: (gratuit)
Spybot Search & Destroy

A² free: (gratuit)
A² Squared

Ad-Aware SE Personal: (en anglais, gratuit))
Ad-aware
-Le patch pour le faire fonctionner Ad-Aware SE en français: Patch français pour Ad-aware

Puis pour verifier que c'est propre fait ça:

Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

_Online Scanner
_Kaspersky Online Scanner
_My Computer

http://www.kaspersky.com/scanforvirus

Si le rapport ne trouve aucun virus, fais ça:

¤ Mises à jours ¤

Clic sur "demarrer", "tous les programmes", tout en haut "Windows Update" puis telecharge toutes les mises à jour qu'il te trouve, tu peux refaire cette opération plusieurs fois à la suite, même si ton PC aura redemarrer, car ton système est loin d'être à jour ;-)

A++

laurentino83 - 25 août 2006 à 16:06

Salut Boulepate,
aprés avoir telecharger tous les logiciels et fais un scan complet avec chacun d'entre eux, voici le rapport Kapersky:
************
Friday, August 25, 2006 3:58:20 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 25/08/2006
Kaspersky Anti-Virus database records: 205408

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
G:\

Scan Statistics
Total number of scanned objects 40577
Number of viruses found 1
Number of infected objects 1 / 0
Number of suspicious objects 0
Duration of the scan process 00:47:46

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrateur\Bureau\Temp\001.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\003.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\004.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\008.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\009.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\010.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\013.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\015.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\017.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\018.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\020.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\022.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\023.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\024.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\025.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\026.part Object is locked skipped

C:\Documents and Settings\Administrateur\Bureau\Temp\030.part Object is locked skipped

C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012006082520060826\index.dat Object is locked skipped

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Administrateur\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Calendrier\Jours.edb Object is locked skipped

C:\Program Files\Club-Internet\Dr Club Internet\log\mpbtn.log Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\BWDocMap.pht Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\BWInfopakMap.pht Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chandir.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chandir.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chn.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\chn.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\inuse.txt Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\L0000004.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\main.log Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_die.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_die.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\storydb.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrateur\Data\storydb.idx Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0171358.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0171363.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172358.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172360.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172366.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172367.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172368.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172370.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172371.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172372.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172385.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP101\A0172386.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP102\A0173488.dll Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP103\A0185872.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0209931.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228978.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228979.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228980.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228981.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228982.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228983.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228984.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228985.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228986.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228987.exe Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP104\A0228999.dll Object is locked skipped

C:\System Volume Information\_restore{8A7DB044-5A56-4FC6-871E-072BE0B4FF7E}\RP108\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{6780D64E-E878-4ADD-9FE4-F7629CE11666}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\qvxgamet4.exe Infected: Trojan-Proxy.Win32.Dlena.s skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
**************************
sinon, je confirme qu'il m'est impossible d'effectuer les mises à jour Window (Message:Le site Web a rencontré une erreur et ne peut pas afficher la page demandée)
@+

boulepate62 - 25 août 2006 à 16:14

Salut,

Clic sur demarrer, poste de travail, C:, Windows, (dossier) system32, cherche et supprime ce fichier:

C:\WINDOWS\system32\qvxgamet4.exe

Puis fait ça pour verifier on verra ce que l'on peut faire ensuite pour les mises à jours (si tu as un numéro d'erreur donne le nous stp)

Télécharge lopxp:
http://pageperso.aol.fr/balltrap34/lopxp.zip

dézippe-le sur ton bureau puis double-clic sur le fichier "lopxp.bat"
quand il à terminé, un rapport s'ouvre : fais un copier-coller puis mets le ici

laurentino83 - 25 août 2006 à 16:21

Re,
voici le rapport:
***************
Rapport fait à 16:19:09,75 le 25/08/2006

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

14/08/2006 10:25 1515091 Install.dat
23/04/2006 16:57 <REP> Lavasoft
26/02/2006 22:27 <REP> vlc
05/02/2006 15:35 <REP> Netscape
28/12/2005 13:57 <REP> FotoWire
24/12/2005 17:08 <REP> Leadertech
17/04/2005 20:02 <REP> Corel
16/04/2005 10:33 <REP> Media Player Classic
27/03/2005 17:37 <REP> ArcSoft
10/02/2005 22:35 <REP> Checkflow
10/12/2004 19:55 28104 GDIPFONTCACHEV1.DAT
31/10/2004 18:53 <REP> AdobeUM
31/10/2004 18:53 <REP> Adobe
27/10/2004 10:26 <REP> Help
26/10/2004 18:37 <REP> Macromedia
23/10/2004 19:38 <REP> Ahead
23/10/2004 19:37 <REP> Phoenix
23/10/2004 18:29 <REP> CyberLink
23/10/2004 18:21 <REP> ACD Systems
23/10/2004 15:28 <REP> Identities
23/10/2004 15:22 <REP> Mozilla
23/10/2004 15:22 <REP> Sun
23/10/2004 15:13 62 desktop.ini
23/10/2004 15:13 <REP> ..
23/10/2004 15:13 <REP> Microsoft
23/10/2004 15:13 <REP> .
3 fichier(s) 1543257 octets
23 R‚p(s) 8769265664 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\All Users\Application Data

23/10/2004 15:23 <REP> QuickTime
22/10/2004 20:21 <REP> Microsoft
22/10/2004 20:21 <REP> ..
22/10/2004 20:21 <REP> .
0 fichier(s) 0 octets
4 R‚p(s) 8769265664 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\All Users.WINDOWS\Application Data

22/08/2006 20:08 305 addr_file.html
22/08/2006 14:02 <REP> Yahoo! Companion
20/08/2006 17:14 <REP> AntiVir PersonalEdition Classic
16/08/2006 16:14 <REP> Windows Genuine Advantage
11/03/2006 20:46 <REP> WinSoftware
11/03/2006 20:40 <REP> WinAntiVirus Pro 2006
20/01/2006 22:06 <REP> Samsung
27/03/2005 17:37 <REP> ArcSoft
15/12/2004 23:15 <REP> Motive
07/11/2004 11:55 <REP> pixelStorm
23/10/2004 15:59 62 desktop.ini
23/10/2004 15:59 <REP> Microsoft
23/10/2004 15:59 <REP> .
23/10/2004 15:59 <REP> ..
23/10/2004 15:26 <REP> Adobe
23/10/2004 15:25 <REP> ACD Systems
23/10/2004 15:25 <REP> DVD Shrink
23/10/2004 15:24 <REP> Spybot - Search & Destroy
23/10/2004 15:23 <REP> CyberLink
2 fichier(s) 367 octets
17 R‚p(s) 8769265664 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\Default User\Application Data

22/10/2004 20:21 <REP> ..
22/10/2004 20:21 <REP> Microsoft
22/10/2004 20:21 <REP> .
0 fichier(s) 0 octets
3 R‚p(s) 8769265664 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\Default User.WINDOWS\Application Data

23/10/2004 15:59 62 desktop.ini
23/10/2004 15:59 <REP> ..
23/10/2004 15:59 <REP> Microsoft
23/10/2004 15:59 <REP> .
1 fichier(s) 62 octets
3 R‚p(s) 8769265664 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\Documents and Settings\lolo

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1847-2167

R‚pertoire de C:\WINDOWS\Tasks

23/04/2006 16:47 380 XoftSpySE.job
23/10/2004 15:07 6 SA.DAT
23/10/2004 15:05 65 desktop.ini
23/10/2004 15:05 <REP> ..
23/10/2004 15:05 <REP> .
3 fichier(s) 451 octets
2 R‚p(s) 8ÿ769ÿ261ÿ568 octets libres

******************************************
Recherche dans Program files

Le dossier C:\Program Files\C2Media n'existe pas

*************** Fin du rapport ****************

laurentino83 › boulepate62 - 25 août 2006 à 16:34

au fait , voici le N d'erreur de la mise à jour window
[Numéro d'erreur : 0x80070002]
Merci

boulepate62 - 26 août 2006 à 18:08

Salut,

Pour afficher tous les dossiers et fichiers cachés;

Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
"
Coche:
¤ afficher les fichiers et dossiers cachés

Clic sur "appliquer" puis "ok"

Clic sur demarrer, poste de travail, C:, documents and settings, all users, application data, cherche et supprime ces dossiers

C:\Documents and Settings\All Users.WINDOWS\Application Data

WinSoftware
WinAntiVirus Pro 2006

Ferme Internet Explorer si ouvert.
Clic sur demarrer, panneau de configuration, connexions et réseau internet, option internet,

- onglet "sécurité" clic sur "parametres par defaut"
- onglet "confidentialité" clic sur "par defaut"
- onglet "contenu" clic sur "effacer le statut SSL"
- onglet "avancé" clic qsur "parametres par defaut"

Appliquer puis ok.

Maintenant, fais ça:

Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
¤ decoches la case et clic sur "appliquer" puis "ok".

Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.

Puis tente à nouveau de faire tes mises à jours

A++

Réponse

laurentino83 26 août 2006 à 20:56

Salut Boulepate,
Ca y est, tout a etait fait à la lettre et je te remercie de tes efforts.
@+ et Bon Week...

Ajouter un commentaire

boulepate62 - 26 août 2006 à 23:12

Lu Laurentino,

dis le moi si tu n'arrives pas à faire les mises à jours..

A++

laurentino83 - 27 août 2006 à 08:44

Salut boulepate,
effectivement, je n'arrive pas à effectuer les mises à jours window.
toujours le même N° erreur (Numéro d'erreur : 0x80070002)

@+

boulepate62 - 27 août 2006 à 21:28

Salut Laurentino,

regarde ici puis effectue la marche à suivre:
http://support.microsoft.com/?kbid=310794&sd=RMVP

Répondre au sujet

Posez votre question

Dossier à la une

5 extensions si vous voulez revenir à l'ancien Facebook

5 extensions si vous voulez revenir à l'ancien Facebook

Vous n'aimez pas le lifting de Facebook ? Le site Mashable propose cinq étapes pour revenir à l'ancienne présentation du réseau social.

Les interviews exclusives

Bazando fidélise ses clients avec les Facebook credits

Toutes les interviews

Collection CommentÇaMarche.net

Jean-François Pillou

Tout sur le développement logiciel : Écrire du code efficace

Plus de livres

Virus Sasser? impossible de s'en debarasser [Résolu]

Virus Sasser? impossible de s'en debarasser »

5 extensions si vous voulez revenir à l'ancien Facebook

"un outil vraiment simple à la portée de tous"

Tout pour bien utiliser Excel 2010

Tout sur le développement logiciel : Écrire du code efficace

Tout sur les outils Google : Découvrez la galaxie des services Google

Tout sur les réseaux sans fil

Tout sur les e-outils pour les TPE - PME