Virus VBs.BL [Résolu]

salut etienne01,

télécharges smitfraudfix :

En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
cela vas générer un rapport.

Copie/colle le rapport sur le forum stp.

@+

salut,merci de ta reponse rapide g!rly

SmitFraudFix v2.277

Rapport fait à 13:45:26,96, 30/01/2008
Executé à partir de C:\Documents and Settings\Admin\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spleak\SpleakLoader.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\BitDefender\BitDefender 2008\seccenter.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\agrlmvp.dll PRESENT !
C:\WINDOWS\privacy_danger PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMIN\FAVORIS


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: SAGEM Wi-Fi 11g USB adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.254

HKLM\SYSTEM\CCS\Services\Tcpip\..\{39E7DD58-59CB-4C4E-B4E0-E07828A921AB}: NameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8389368F-2EEC-450E-8805-4F10152842A5}: DhcpNameServer=192.168.1.254 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{39E7DD58-59CB-4C4E-B4E0-E07828A921AB}: NameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{39E7DD58-59CB-4C4E-B4E0-E07828A921AB}: NameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

ok

Redémarre le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) dès le démarrage et tu choisis le mode sans échec)

- Ouvre le dossier "SmitfraudFix" et double clique sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.

Enregistre le rapport puis Copie/colle le rapport sur le forum stp.

et

post egalement un rapport hijack this stp

Télécharge HijackThis ici :

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´utilisation (video) :

-> http://pageperso.aol.fr/balltrap34/demohijack.htm

Post le rapport généré ici stp...

@+

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:08, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spleak\SpleakLoader.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: (no name) - {31F68405-A7AE-4D05-917C-97C4CBFE05A0} - (no file)
O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SpleakPlugin] "C:\Program Files\Spleak\SpleakLoader.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKLM\..\Run: [LanzarL2007] "C:\DOCUME~1\Admin\LOCALS~1\Temp\{BC7A3069-D9D8-4726-871A-AFB35DEF512A}\{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}\..\..\L2007tmp\Setup.exe" /SETUP:"/l0x040c"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'Default user')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'Default user')
O4 - .DEFAULT Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{39E7DD58-59CB-4C4E-B4E0-E07828A921AB}: NameServer = 192.168.1.254
O18 - Protocol: bw+0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

par contre le rapport de smitfraud est long et ne veut pas s afficher dans le forum pourtant je l ai poster 2 fois

re,

ok pour smitfraud

fais ceci :

Télécharge Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html enregistre ce fichier sur le bureau.

-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
- Coche la case devant : Réinitialiser Fichier Hosts
- Ne coche aucune autre case
-Clique sur Restaurer
-Redémarre ton PC

as tu essayé panda antivirus sur cette machine?

as tu installé ceci :

C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe

a quoi te sert ceci :

C:\Program Files\Spleak\SpleakLoader.exe

puis passe ceci

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

@+

re merci d etre encore la..
ja i eu panda,spleak c est pas un virus c est un adon pour skype,steganos c est mon proxy

ComboFix 08-01-30.6 - Admin 2008-01-30 17:56:06.1 - [color=red][b]FAT32/b/colorx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.929 [GMT 1:00]
Endroit: C:\Documents and Settings\Admin\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Program Files\winupdates
C:\Program Files\winupdates\a.zip
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt

----- BITS: Possible sites infectés -----

hxxp://softworldnetwork.com
hxxp://onsafepro.com
hxxp://softworldnetwork2.com
hxxp://77.91.227.194
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
.

2008-01-30 14:04 . 2008-01-30 14:04 <REP> d--hs---- C:\FOUND.057
2008-01-30 12:47 . 2008-01-30 12:48 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 20:14 . 2008-01-29 20:14 <REP> d--hs---- C:\FOUND.056
2008-01-29 17:51 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-29 16:50 . 2008-01-29 16:50 <REP> d-------- C:\Program Files\Safer Networking
2008-01-29 12:08 . 2008-01-29 12:08 <REP> d--hs---- C:\FOUND.055
2008-01-25 12:21 . 2008-01-25 12:21 <REP> d--hs---- C:\FOUND.054
2008-01-25 12:09 . 2008-01-25 12:09 <REP> d--hs---- C:\FOUND.053
2008-01-24 20:55 . 2008-01-24 20:55 <REP> d-------- C:\Program Files\Steganos Internet Anonym 2006
2008-01-24 20:55 . 2008-01-24 20:55 <REP> d-------- C:\Program Files\Secure Surfing Engine
2008-01-23 13:55 . 2008-01-23 13:55 <REP> d-------- C:\Program Files\Proxy Vampire
2008-01-23 13:25 . 2008-01-23 13:25 <REP> d-------- C:\Program Files\A4Proxy
2008-01-21 20:42 . 2008-01-21 20:42 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-21 20:12 . 2008-01-21 20:12 <REP> d-------- C:\Program Files\QuickTime
2008-01-21 18:02 . 2008-01-21 18:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-01-21 18:02 . 2008-01-21 18:03 <REP> d-------- C:\Documents and Settings\Admin\Application Data\BitDefender
2008-01-21 17:42 . 2008-01-21 17:42 <REP> d-------- C:\Program Files\Trend Micro
2008-01-21 12:50 . 2008-01-21 12:51 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-20 19:53 . 2008-01-30 14:06 4,108 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-20 19:52 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-20 19:52 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-20 19:52 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-20 19:52 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-20 19:52 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-18 12:51 . 2008-01-18 12:51 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-01-18 12:51 . 2008-01-18 12:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-18 12:51 . 2008-01-18 12:54 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-18 12:50 . 2008-01-18 12:50 <REP> d-------- C:\WINDOWS\Internet Logs
2008-01-17 17:57 . 2008-01-17 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\sentinel
2008-01-17 16:51 . 2008-01-17 16:51 85 --a------ C:\WINDOWS\wininit.ini
2008-01-17 13:00 . 2008-01-17 13:00 <REP> d-------- C:\Program Files\Alwil Software
2008-01-17 12:25 . 2008-01-17 12:25 <REP> d-------- C:\Program Files\Lavasoft
2008-01-17 12:25 . 2008-01-17 12:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-16 18:28 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2008-01-16 18:28 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\dllcache\mpe.sys
2008-01-16 18:26 . 2008-01-16 18:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TerraTec
2008-01-16 18:26 . 2007-07-02 15:31 65,536 -ra------ C:\WINDOWS\system32\MFC71DEU.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71ITA.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71FRA.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71ESP.DLL
2008-01-16 18:26 . 2007-07-02 15:31 57,344 -ra------ C:\WINDOWS\system32\MFC71ENU.DLL
2008-01-16 18:26 . 2007-07-02 15:31 49,152 -ra------ C:\WINDOWS\system32\MFC71KOR.DLL
2008-01-16 18:26 . 2007-07-02 15:31 49,152 -ra------ C:\WINDOWS\system32\MFC71JPN.DLL
2008-01-16 18:26 . 2007-07-02 15:31 45,056 -ra------ C:\WINDOWS\system32\MFC71CHT.DLL
2008-01-16 18:26 . 2007-07-02 15:31 40,960 -ra------ C:\WINDOWS\system32\MFC71CHS.DLL
2008-01-16 18:25 . 2008-01-16 18:25 <REP> d-------- C:\Program Files\TerraTec
2008-01-16 18:25 . 2008-01-16 18:25 <REP> d-------- C:\Program Files\Fichiers communs\TerraTec
2008-01-16 18:23 . 2008-01-16 18:23 <REP> d-------- C:\Documents and Settings\Admin\Application Data\TerraTec
2008-01-14 13:10 . 2008-01-14 13:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-01-09 21:46 . 2008-01-09 21:46 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-01-09 21:14 . 2008-01-30 17:58 121 --a------ C:\WINDOWS\bdagent.INI
2008-01-09 21:10 . 2008-01-09 21:10 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
2008-01-09 21:06 . 2008-01-09 21:06 <REP> d-------- C:\Program Files\BitDefender
2008-01-09 19:42 . 2008-01-09 19:42 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-01-09 12:33 . 2008-01-09 12:33 <REP> d-------- C:\Program Files\LogMeIn
2008-01-09 12:33 . 2007-11-15 18:46 87,352 --a------ C:\WINDOWS\system32\LMIinit.dll
2008-01-09 12:33 . 2007-11-15 18:46 83,288 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-01-09 12:33 . 2007-08-03 15:09 46,112 --a------ C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
2008-01-09 12:33 . 2007-11-15 18:46 21,496 --a------ C:\WINDOWS\system32\LMIport.dll
2008-01-09 12:33 . 2008-01-09 12:33 1,024 --a------ C:\.rnd
2008-01-08 13:03 . 2008-01-08 13:03 <REP> d-------- C:\Program Files\Orb Networks
2008-01-08 13:03 . 2008-01-08 13:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 18:43 . 2008-01-06 18:43 <REP> d-------- C:\Program Files\Aspyr
2008-01-06 18:40 . 2008-01-06 18:40 <REP> dr-h----- C:\Documents and Settings\Admin\Application Data\SecuROM
2008-01-06 16:11 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-12-25 11:48 . 2008-01-23 12:13 2,594 --a------ C:\Documents and Settings\Admin\Application Data\SAS7_000.DAT
2007-12-25 11:14 . 2007-12-25 11:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-25 11:07 . 2007-12-25 11:07 0 --a------ C:\WINDOWS\plclient.INI
2007-12-25 11:06 . 2007-12-25 11:06 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Nuance
2007-12-25 11:04 . 2007-12-25 11:04 <REP> d-------- C:\Program Files\Fichiers communs\Scansoft Shared
2007-12-25 11:04 . 2007-12-25 11:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\WINDOWS\speech
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\Program Files\Nuance
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nuance
2007-12-24 18:23 . 1998-06-24 00:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
2007-12-24 18:23 . 2000-05-22 15:58 115,920 --a------ C:\WINDOWS\system32\msinet.OCX
2007-12-24 18:23 . 1998-07-12 19:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2007-12-24 18:23 . 1998-07-12 23:00 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL
2007-12-24 18:23 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL
2007-12-24 10:35 . 2007-12-24 11:14 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2007-12-24 10:35 . 2007-12-24 11:14 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2007-12-24 10:35 . 2007-12-24 10:59 170,432 -ra------ C:\WINDOWS\system32\libsyslic1.pd
2007-12-24 10:35 . 2007-12-24 11:15 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2007-12-24 10:35 . 2007-12-24 11:15 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2007-12-24 10:35 . 2007-12-24 10:36 192 -ra------ C:\WINDOWS\system32\libsyslic1.ls
2007-12-23 19:56 . 2007-12-23 19:56 <REP> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2007-12-23 19:18 . 2007-12-23 19:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-23 10:25 . 2007-12-23 10:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-12-23 10:24 . 2007-12-23 10:24 <REP> d-------- C:\Documents and Settings\Admin\Application Data\OfficeUpdate12
2007-12-23 09:41 . 2007-12-23 09:41 <REP> d-------- C:\Program Files\Live_TV
2007-12-22 23:32 . 2007-12-22 23:32 <REP> d-------- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2007-12-22 23:28 . 2007-12-22 23:28 <REP> d-------- C:\Program Files\Smart Projects
2007-12-22 10:31 . 2007-12-22 10:31 <REP> d--hs---- C:\FOUND.052
2007-12-21 20:48 . 2007-12-21 20:48 <REP> d-------- C:\Documents and Settings\Admin\Application Data\ABBYY
2007-12-21 20:47 . 2007-12-21 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY
2007-12-21 13:07 . 2007-12-21 13:07 <REP> d-------- C:\Program Files\Universal Document Converter
2007-12-21 13:07 . 2007-08-14 20:57 5,632 --a------ C:\WINDOWS\system32\udcpm.dll
2007-12-21 12:31 . 2007-12-21 11:29 4,765,802 --a------ C:\WINDOWS\noel_006
2007-12-21 11:59 . 2007-12-21 11:59 <REP> d--hs---- C:\FOUND.051
2007-12-20 22:29 . 2007-12-20 22:29 <REP> d-------- C:\Program Files\PDFCreator

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 18:41 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-01-21 17:12 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
2008-01-06 17:40 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-24 09:59 144,896 ----a-r C:\WINDOWS\system32\libsyslic1.dll
2007-11-26 17:32 287 ----a-w C:\muxmp4.bat
2007-11-26 15:52 289 ----a-w C:\ffmpeg_debug.bat
2007-11-26 15:52 282 ----a-w C:\ffmpeg.bat
2007-11-23 17:53 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-11-15 17:46 23,736 ----a-w C:\WINDOWS\system32\lmimirr.dll
2007-11-15 17:46 10,040 ----a-w C:\WINDOWS\system32\lmimirr2.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-04 10:00 15,872 ------w C:\WINDOWS\system32\winskfr.dll
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-22 09:57 524,288 ----a-w C:\WINDOWS\opuc.dll
2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-10-15 11:24 5,889,940 ----a-w C:\Documents and Settings\Admin\TRACE_BOOT+DRIVERS_1_1.BIN
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:49 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:49 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:49 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:49 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:49 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:49 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:49 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:49 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 12:01 64,971 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2007-10-10 12:01 5,997 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-10 11:01 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 11:00 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-01-31 09:56 0 ----a-w C:\Documents and Settings\Admin\Application Data\wklnhst.dat
1996-12-02 16:44 582,144 ----a-w C:\Program Files\Fichiers communs\dao350.dll
2006-12-26 22:19 10,022 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}
{AD6E6555-FB2C-47D4-8339-3E2965509877}
{31F68405-A7AE-4D05-917C-97C4CBFE05A0}
{00000000-5736-4205-0008-F7ED0776FB27}

[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]

[HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{AD6E6555-FB2C-47D4-8339-3E2965509877}"= C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL [2007-09-20 16:19 527360]

[HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-01 23:55 68856]
"Steam"="" []
"WiFiSiStr"="" []
"L'Assistant DartyBox"="C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe" [2007-06-05 22:15 151552]
"Orb"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" [2007-06-09 02:28 310520]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 14:20 81920]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:47 7573504]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"SpleakPlugin"="C:\Program Files\Spleak\SpleakLoader.exe" [2007-09-03 19:01 86016]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 21:59 45056]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"UDC Integration"="" []
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 16:00 155648]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 15:09 63048]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [2007-09-20 16:20 1077248]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-01-21 18:13 319488]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 20:16 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-03-28 18:52:06 450560]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-28 18:53:03 450560]
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2007-12-17 16:53:52 925696]
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 22:24:38 1134592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-15 18:46 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

R0 MtxDma0;Matrox Dma Manager (0);C:\WINDOWS\system32\drivers\MtxDma0.sys [2002-07-09 23:33]
R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2008-01-21 18:12]
R1 cpuidlep;CpuIdle Pro System Driver;C:\WINDOWS\system32\drivers\cpuidlep.sys [2007-07-05 14:51]
R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-08-03 15:09]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2007-08-03 15:09]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-01-21 19:41]
R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 16:03]
R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 18:13]
R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-05 05:00]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-01-18 14:08]
R3 USB28xxBGA;Cinergy EM28xx Capture;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-11-15 16:46]
R3 USB28xxOEM;Cinergy EM28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-11-15 16:46]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]
S3 bkn50USB;Belkin 54Mbps Wireless USB Network Adapter;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2003-10-14 13:31]
S3 cpuz;cpuz;C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz.sys []
S3 cpuz128;cpuz128;C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz_x32.sys []
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCMPR5.SYS []
S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCNDIS5.SYS [2004-04-26 18:11]
S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2006-07-11 12:01]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 15:38]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 15:38]
S3 UPnPService;UPnPService;C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 16:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 vncdrv;vncdrv;C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 13:22]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - 17125FE2
*Newly Created Service* - 94AC80A7
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-30 11:56:38 C:\WINDOWS\Tasks\User_Feed_Synchronization-{037B9FBF-CDBB-4EB6-BD54-BBB423A0FD3E}.job"
- C:\WINDOWS\system32\msfeedssync.exe
"2007-10-14 17:28:52 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 17:58:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Secure Surfing Engine\sselsp.dll
.
Temps d'accomplissement: 2008-01-30 17:59:06
ComboFix-quarantined-files.txt 2008-01-30 16:59:06
.
2008-01-10 17:09:30 --- E O F ---

re,

ma parole tu les a tous essayé !

Desinstalleur Panda:
http://www.hmsnet.ch/pandaservicecenter/download/OUTILSPANDA.EXE

desinstaller zone alarm:

http://www.commentcamarche.net/faq/sujet 3538 windows reinstallation complete de zonealarm

copie le texte ci-dessous :

File::
C:\FOUND.057
C:\FOUND.056
C:\FOUND.055
C:\FOUND.054
C:\FOUND.053
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

Folder::
C:\Program Files\Alwil Software

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,


Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

@+

ComboFix 08-01-30.6 - Admin 2008-01-30 19:28:35.2 - [color=red][b]FAT32/b/colorx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.887 [GMT 1:00]
Endroit: C:\Documents and Settings\Admin\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Admin\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color

FILE
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
C:\FOUND.053
C:\FOUND.054
C:\FOUND.055
C:\FOUND.056
C:\FOUND.057
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Alwil Software

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
.

2008-01-30 14:04 . 2008-01-30 14:04 <REP> d--hs---- C:\FOUND.057
2008-01-30 12:47 . 2008-01-30 12:48 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 20:14 . 2008-01-29 20:14 <REP> d--hs---- C:\FOUND.056
2008-01-29 17:51 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-29 16:50 . 2008-01-29 16:50 <REP> d-------- C:\Program Files\Safer Networking
2008-01-29 12:08 . 2008-01-29 12:08 <REP> d--hs---- C:\FOUND.055
2008-01-25 12:21 . 2008-01-25 12:21 <REP> d--hs---- C:\FOUND.054
2008-01-25 12:09 . 2008-01-25 12:09 <REP> d--hs---- C:\FOUND.053
2008-01-24 20:55 . 2008-01-24 20:55 <REP> d-------- C:\Program Files\Steganos Internet Anonym 2006
2008-01-24 20:55 . 2008-01-24 20:55 <REP> d-------- C:\Program Files\Secure Surfing Engine
2008-01-23 13:55 . 2008-01-23 13:55 <REP> d-------- C:\Program Files\Proxy Vampire
2008-01-23 13:25 . 2008-01-23 13:25 <REP> d-------- C:\Program Files\A4Proxy
2008-01-21 20:42 . 2008-01-21 20:42 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-21 20:12 . 2008-01-21 20:12 <REP> d-------- C:\Program Files\QuickTime
2008-01-21 18:02 . 2008-01-21 18:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-01-21 18:02 . 2008-01-21 18:03 <REP> d-------- C:\Documents and Settings\Admin\Application Data\BitDefender
2008-01-21 17:42 . 2008-01-21 17:42 <REP> d-------- C:\Program Files\Trend Micro
2008-01-21 12:50 . 2008-01-21 12:51 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-20 19:53 . 2008-01-30 14:06 4,108 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-20 19:52 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-20 19:52 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-20 19:52 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-20 19:52 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-20 19:52 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-18 12:51 . 2008-01-18 12:51 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-01-18 12:51 . 2008-01-18 12:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-18 12:51 . 2008-01-18 12:54 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-18 12:50 . 2008-01-18 12:50 <REP> d-------- C:\WINDOWS\Internet Logs
2008-01-17 17:57 . 2008-01-17 17:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\sentinel
2008-01-17 16:51 . 2008-01-17 16:51 85 --a------ C:\WINDOWS\wininit.ini
2008-01-17 12:25 . 2008-01-17 12:25 <REP> d-------- C:\Program Files\Lavasoft
2008-01-17 12:25 . 2008-01-17 12:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-16 18:28 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2008-01-16 18:28 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\dllcache\mpe.sys
2008-01-16 18:26 . 2008-01-16 18:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TerraTec
2008-01-16 18:26 . 2007-07-02 15:31 65,536 -ra------ C:\WINDOWS\system32\MFC71DEU.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71ITA.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71FRA.DLL
2008-01-16 18:26 . 2007-07-02 15:31 61,440 -ra------ C:\WINDOWS\system32\MFC71ESP.DLL
2008-01-16 18:26 . 2007-07-02 15:31 57,344 -ra------ C:\WINDOWS\system32\MFC71ENU.DLL
2008-01-16 18:26 . 2007-07-02 15:31 49,152 -ra------ C:\WINDOWS\system32\MFC71KOR.DLL
2008-01-16 18:26 . 2007-07-02 15:31 49,152 -ra------ C:\WINDOWS\system32\MFC71JPN.DLL
2008-01-16 18:26 . 2007-07-02 15:31 45,056 -ra------ C:\WINDOWS\system32\MFC71CHT.DLL
2008-01-16 18:26 . 2007-07-02 15:31 40,960 -ra------ C:\WINDOWS\system32\MFC71CHS.DLL
2008-01-16 18:25 . 2008-01-16 18:25 <REP> d-------- C:\Program Files\TerraTec
2008-01-16 18:25 . 2008-01-16 18:25 <REP> d-------- C:\Program Files\Fichiers communs\TerraTec
2008-01-16 18:23 . 2008-01-16 18:23 <REP> d-------- C:\Documents and Settings\Admin\Application Data\TerraTec
2008-01-14 13:10 . 2008-01-14 13:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-01-09 21:46 . 2008-01-09 21:46 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-01-09 21:14 . 2008-01-30 19:29 121 --a------ C:\WINDOWS\bdagent.INI
2008-01-09 21:10 . 2008-01-09 21:10 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
2008-01-09 21:06 . 2008-01-09 21:06 <REP> d-------- C:\Program Files\BitDefender
2008-01-09 19:42 . 2008-01-09 19:42 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-01-09 12:33 . 2008-01-09 12:33 <REP> d-------- C:\Program Files\LogMeIn
2008-01-09 12:33 . 2007-11-15 18:46 87,352 --a------ C:\WINDOWS\system32\LMIinit.dll
2008-01-09 12:33 . 2007-11-15 18:46 83,288 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-01-09 12:33 . 2007-08-03 15:09 46,112 --a------ C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
2008-01-09 12:33 . 2007-11-15 18:46 21,496 --a------ C:\WINDOWS\system32\LMIport.dll
2008-01-09 12:33 . 2008-01-09 12:33 1,024 --a------ C:\.rnd
2008-01-08 13:03 . 2008-01-08 13:03 <REP> d-------- C:\Program Files\Orb Networks
2008-01-08 13:03 . 2008-01-08 13:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 18:43 . 2008-01-06 18:43 <REP> d-------- C:\Program Files\Aspyr
2008-01-06 18:40 . 2008-01-06 18:40 <REP> dr-h----- C:\Documents and Settings\Admin\Application Data\SecuROM
2008-01-06 16:11 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-12-25 11:48 . 2008-01-23 12:13 2,594 --a------ C:\Documents and Settings\Admin\Application Data\SAS7_000.DAT
2007-12-25 11:14 . 2007-12-25 11:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-25 11:07 . 2007-12-25 11:07 0 --a------ C:\WINDOWS\plclient.INI
2007-12-25 11:06 . 2007-12-25 11:06 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Nuance
2007-12-25 11:04 . 2007-12-25 11:04 <REP> d-------- C:\Program Files\Fichiers communs\Scansoft Shared
2007-12-25 11:04 . 2007-12-25 11:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\WINDOWS\speech
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\Program Files\Nuance
2007-12-25 11:03 . 2007-12-25 11:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nuance
2007-12-24 18:23 . 1998-06-24 00:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
2007-12-24 18:23 . 2000-05-22 15:58 115,920 --a------ C:\WINDOWS\system32\msinet.OCX
2007-12-24 18:23 . 1998-07-12 19:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2007-12-24 18:23 . 1998-07-12 23:00 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL
2007-12-24 18:23 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL
2007-12-24 10:35 . 2007-12-24 11:14 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2007-12-24 10:35 . 2007-12-24 11:14 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2007-12-24 10:35 . 2007-12-24 10:59 170,432 -ra------ C:\WINDOWS\system32\libsyslic1.pd
2007-12-24 10:35 . 2007-12-24 11:15 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2007-12-24 10:35 . 2007-12-24 11:15 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2007-12-24 10:35 . 2007-12-24 10:36 192 -ra------ C:\WINDOWS\system32\libsyslic1.ls
2007-12-23 19:56 . 2007-12-23 19:56 <REP> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2007-12-23 19:18 . 2007-12-23 19:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-23 10:25 . 2007-12-23 10:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-12-23 10:24 . 2007-12-23 10:24 <REP> d-------- C:\Documents and Settings\Admin\Application Data\OfficeUpdate12
2007-12-23 09:41 . 2007-12-23 09:41 <REP> d-------- C:\Program Files\Live_TV
2007-12-22 23:32 . 2007-12-22 23:32 <REP> d-------- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2007-12-22 23:28 . 2007-12-22 23:28 <REP> d-------- C:\Program Files\Smart Projects
2007-12-22 10:31 . 2007-12-22 10:31 <REP> d--hs---- C:\FOUND.052
2007-12-21 20:48 . 2007-12-21 20:48 <REP> d-------- C:\Documents and Settings\Admin\Application Data\ABBYY
2007-12-21 20:47 . 2007-12-21 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY
2007-12-21 13:07 . 2007-12-21 13:07 <REP> d-------- C:\Program Files\Universal Document Converter
2007-12-21 13:07 . 2007-08-14 20:57 5,632 --a------ C:\WINDOWS\system32\udcpm.dll
2007-12-21 12:31 . 2007-12-21 11:29 4,765,802 --a------ C:\WINDOWS\noel_006
2007-12-21 11:59 . 2007-12-21 11:59 <REP> d--hs---- C:\FOUND.051
2007-12-20 22:29 . 2007-12-20 22:29 <REP> d-------- C:\Program Files\PDFCreator
2007-12-20 22:29 . 2004-03-09 01:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 18:41 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-01-21 17:12 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
2008-01-06 17:40 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-24 09:59 144,896 ----a-r C:\WINDOWS\system32\libsyslic1.dll
2007-11-26 17:32 287 ----a-w C:\muxmp4.bat
2007-11-26 15:52 289 ----a-w C:\ffmpeg_debug.bat
2007-11-26 15:52 282 ----a-w C:\ffmpeg.bat
2007-11-23 17:53 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-11-15 17:46 23,736 ----a-w C:\WINDOWS\system32\lmimirr.dll
2007-11-15 17:46 10,040 ----a-w C:\WINDOWS\system32\lmimirr2.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-04 10:00 15,872 ------w C:\WINDOWS\system32\winskfr.dll
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-22 09:57 524,288 ----a-w C:\WINDOWS\opuc.dll
2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-10-15 11:24 5,889,940 ----a-w C:\Documents and Settings\Admin\TRACE_BOOT+DRIVERS_1_1.BIN
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:49 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:49 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:49 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:49 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:49 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:49 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:49 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:49 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 12:01 64,971 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2007-10-10 12:01 5,997 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-10 11:01 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 11:00 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-01-31 09:56 0 ----a-w C:\Documents and Settings\Admin\Application Data\wklnhst.dat
1996-12-02 16:44 582,144 ----a-w C:\Program Files\Fichiers communs\dao350.dll
2006-12-26 22:19 10,022 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}
{AD6E6555-FB2C-47D4-8339-3E2965509877}
{31F68405-A7AE-4D05-917C-97C4CBFE05A0}
{00000000-5736-4205-0008-F7ED0776FB27}

[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]

[HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{AD6E6555-FB2C-47D4-8339-3E2965509877}"= C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL [2007-09-20 16:19 527360]

[HKEY_CLASSES_ROOT\clsid\{ad6e6555-fb2c-47d4-8339-3e2965509877}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-01 23:55 68856]
"Steam"="" []
"WiFiSiStr"="" []
"L'Assistant DartyBox"="C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe" [2007-06-05 22:15 151552]
"Orb"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" [2007-06-09 02:28 310520]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 14:20 81920]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:47 7573504]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"SpleakPlugin"="C:\Program Files\Spleak\SpleakLoader.exe" [2007-09-03 19:01 86016]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 21:59 45056]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"UDC Integration"="" []
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 16:00 155648]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 15:09 63048]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [2007-09-20 16:20 1077248]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-01-21 18:13 319488]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 20:16 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-03-28 18:52:06 450560]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-28 18:53:03 450560]
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2007-12-17 16:53:52 925696]
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 22:24:38 1134592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-15 18:46 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

R0 MtxDma0;Matrox Dma Manager (0);C:\WINDOWS\system32\drivers\MtxDma0.sys [2002-07-09 23:33]
R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2008-01-21 18:12]
R1 cpuidlep;CpuIdle Pro System Driver;C:\WINDOWS\system32\drivers\cpuidlep.sys [2007-07-05 14:51]
R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 17:14]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-08-03 15:09]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2007-08-03 15:09]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-01-21 19:41]
R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 16:03]
R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 18:13]
R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-05 05:00]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-01-18 14:08]
R3 USB28xxBGA;Cinergy EM28xx Capture;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-11-15 16:46]
R3 USB28xxOEM;Cinergy EM28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-11-15 16:46]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]
S3 bkn50USB;Belkin 54Mbps Wireless USB Network Adapter;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2003-10-14 13:31]
S3 cpuz;cpuz;C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz.sys []
S3 cpuz128;cpuz128;C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz_x32.sys []
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCMPR5.SYS []
S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCNDIS5.SYS [2004-04-26 18:11]
S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2006-07-11 12:01]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 15:38]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 15:38]
S3 UPnPService;UPnPService;C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 16:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 vncdrv;vncdrv;C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 13:22]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - 17125FE2
*Newly Created Service* - 94AC80A7
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-30 11:56:38 C:\WINDOWS\Tasks\User_Feed_Synchronization-{037B9FBF-CDBB-4EB6-BD54-BBB423A0FD3E}.job"
- C:\WINDOWS\system32\msfeedssync.exe
"2007-10-14 17:28:52 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 19:29:30
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Secure Surfing Engine\sselsp.dll
.
Temps d'accomplissement: 2008-01-30 19:29:54
ComboFix-quarantined-files.txt 2008-01-30 18:29:54
ComboFix2.txt 2008-01-30 16:59:08
.
2008-01-10 17:09:30 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:30:52, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spleak\SpleakLoader.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: (no name) - {31F68405-A7AE-4D05-917C-97C4CBFE05A0} - (no file)
O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SpleakPlugin] "C:\Program Files\Spleak\SpleakLoader.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'Default user')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'Default user')
O4 - .DEFAULT Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: bw+0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

re,

a l´aide de hijack this coche et fix les lignes suivantes :

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {31F68405-A7AE-4D05-917C-97C4CBFE05A0} - (no file)

comment fixer :

Tutoriel d´utilisation (video) :

-> http://pageperso.aol.fr/balltrap34/demohijack.htm

puis

EoRezoBHO

Fix.reg

Ouvre le bloc-notes (click droit sur le bureau > dans l´arborescence choisie nouveau et nouveau fichier texte) et fais un copier coller de ce qui est en citation ci-dessous (copie tout d'un trait-sans les barres(X)) :

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4

[-HKEY_CLASSES_ROOT\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
[-HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EoRezoBHO.EoBho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EoRezoBHO.EoBho.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_USERS\S-1-5-21-2051116082-2678445470-4089012019-7832\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E35}]

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
note regedit4 est dur la premiere ligne et il y a une ligne blanche a la fin
Puis click sur "fichier"/"enregistrer sous" :
dans : sur le bureau
Nom du fichier : fix.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

ca doit ressembler a ca une fois enrregistré :

http://img520.imageshack.us/img520/4251/screenshot005ps2.png

quitte internet et double clique sur fix.reg => tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"

puis tu n´as pas de par feu :

instales en 1 :

par feu : kerio

http://www.malekal.com/kerio_firewall.php#mozTocId721480

http://www.vulgarisation-informatique.com/kerio.php

http://kerio.probb.fr/configurer-parametrer-sunbelt-personal-firewall-kerio-f2/

ou zone alarm plus facil a configurer mais moins performant

http://www.malekal.com/tutorial_zonealarm.php

puis

A.V.G :

-> Télécharger AVG Anti-Spyware (ewido)

http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware

-> L´installer.

-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...

p.s : si les mises a jours ne se font pas, elles sont telechargable ici :

http://downloads.ewido.net/avgas-signatures-full-current.exe

-> Sur la page "analyse":

choisir d´abord l'onglet "paramètres".

sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».

-> Lancer le scan, (c´est long...).

-> A la fin du scan copier Et coller le rapport ici.

-> Une aide en image au cas ou :

Tutoriel d´installation et de parametrages :

http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

@+

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:30:46 30/01/2008

+ Résultat de l'analyse:



C:\Documents and Settings\Admin\Cookies\admin@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Admin\Cookies\admin@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.


Fin du rapport

re,

tu as bien supprimé ces tracking cookies?

post un nouveau hijack this et precise la situation.

@+

re g!rly desoler mais javais cour j ai du aller me coucher tient voila un HJT et oui j ai bien supprimer les cookie
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:19, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spleak\SpleakLoader.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SpleakPlugin] "C:\Program Files\Spleak\SpleakLoader.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant DartyBox\Upgrade_Manager.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: bw+0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {D75F9C84-C627-492D-8D60-0EC400D9FA1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

la situation est stable je pense que mon provleme est resolu a toi de me le dire tu as le rapport

salut etienne01,

de mon coté ca parait ok...

je mets le probleme en resolu.

bonne continuation`

bye`

Merci encore a plus

( a j ai regarder ton message ou il est marqué que le meilleur moyen de faire tourner la tete d une femme est de lui dire qu elle a un beau profil.alors je te le dit tu as un beau profil!!!)

@++

Merci ;-)