J'ai perdu une DLL

Dans le message news:684F8C4E-6AC1-45DD-A714-2B6D532F900F@microsoft.com,
Bimbinette <Bimbinette@discussions.microsoft.com>a écrit:

Bonsoir
depuis 2 jours mon ordi ramait tellement que j'ai fait du ménage, mais
apparemment un peu trop puisqu'au démarrage de Windows j'ai un message
comprenant ""pshwr.exe" l'application n'a pas pu démarrer car
netlanm.dll est introuvable"
Pouvez-vous m'aider ?

de plus malgré le grand ménage mon ordi rame toujours autant (alors
qu'avant il fonctionnait très bien) de quoi cela peut-il venir ?

Avec mes remerciements anticipés !

Salut,
C'est un spyware mal éradiqué. Fais un scan hijackthis
(http://www.spywareinfo.com/~merijn/downloads.html) , dézippes -le avant de
le lancer, puis copies le log ici pour que je puisse t'indiquer quelles
entrées réparer afin d'éliminer toute trace du spyware.
De plus, si tu pouvais donner plus de détails sur ce que tu as fait comme
Nettoyage. Peut- être qu'on pourra légèrement améliorer le PC avec ça (mais
il ne faut pas s'attendre à des miracles non plus).
--
Tsilefy

Et voilà le résultat :

Logfile of HijackThis v1.99.1
Scan saved at 18:46:41, on 09/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
C:WINDOWSSystem320THotkey.exe
C:WINDOWSsystem32TPWRTRAY.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:WINDOWSsystem32TFNF5.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesRealRealPlayerRealPlay.exe
C:WINDOWSsystem32qttask.exe
C:Program Filesoneclickoneclick.exe
C:Program FilesJavajre1.5.0_04binjusched.exe
C:Program FilesApoint2KApntex.exe
C:Program FilesLogitechMouseWaresystemem_exec.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMicrosoft MoneySystemmnyexpr.exe
C:WINDOWSsystem32RunDLL32.exe
C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesNikonNkView6NkvMon.exe
C:PalmHOTSYNC.EXE
C:PROGRA~1INCRED~1binIMAPP.EXE
C:PROGRA~1INCRED~1binIncMail.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32rundll32.exe
D:MESDOC~1YANNICKTÉLÉCH~1IZARCIZARC.EXE
C:DOCUME~1toshibaLOCALS~1TempARC3AHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://www.libertysurf.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://cegetel.net/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.the-exit.com/search
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program
FilesMicrosoft MoneySystemmnyside.dll
O2 - BHO: ts - {4006DCA3-433D-4FC8-AC36-42DA7797DCB7} -
C:WINDOWSsystem32bho.dll
O2 - BHO: PicShow Class - {4487598C-2EC7-43A2-870E-6D8D720FDD9F} - (no file)
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:Program FilesNewDotNetnewdotnet6_72.dll
O2 - BHO: TalMgr Class - {70230839-555C-4862-8D42-BB1E2352502C} - (no file)
O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} -
C:Program FilesQuickSearchQuickSearchBar3_28.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar1.dll
O2 - BHO: bhoEvents Class - {FC4C5EAE-66EE-11D4-BC67-0000E8E582D2} -
C:WINDOWSe2bho.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar1.01.1629.0frmsntb.dll
O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252}
- C:Program FilesQuickSearchQuickSearchBar3_28.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /nodetect /keeploaded
O4 - HKLM..Run: [00THotkey] C:WINDOWSSystem320THotkey.exe
O4 - HKLM..Run: [000StTHK] 000StTHK.exe
O4 - HKLM..Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TFNF5] TFNF5.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Exe
O4 - HKLM..Run: [Watch] C:PROGRA~1AVAWatch.exe
O4 - HKLM..Run: [adiras] adiras.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [New.net Startup] rundll32
C:PROGRA~1NEWDOT~1NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe"
-atboottime
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_04binjusched.exe
O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MoneyAgent] "C:Program FilesMicrosoft
MoneySystemmnyexpr.exe"
O4 - HKCU..Run: [Microsoft Update] wuamgrd.exe
O4 - HKCU..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [IncrediMail] C:PROGRA~1INCRED~1binIncMail.exe /c
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - HKCU..Run: [pshower] C:WINDOWSsystem32pshwr.exe
O4 - HKCU..Run: [ichckupd] C:WINDOWSsystem32ichckupd.exe
O4 - Startup: HotSync Manager.lnk = C:PalmHOTSYNC.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk =
C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st
800-840dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:Program
FilesNikonNkView6NkvMon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
C:PROGRA~1INCRED~1binresourcesWebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:program
filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: >>> FREE PORN GALLERIES <<< -
javascript:{document.location='http://sexmaxx.com/freegalleries.htm';}
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html
O9 - Extra button: EasyClick - {05575EC1-B47D-11d3-8F04-00105A9965CA} -
C:WINDOWSe2bar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class)
-
http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O17 -
HKLMSystemCCSServicesTcpip..{EB54D250-08A6-419C-83E0-880527992B5C}:
NameServer = 217.19.192.132 217.19.192.131
O18 - Protocol: bw+0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramBWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:Program FilesFichiers
communsBOONTY SharedServiceBoonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON
CORPORATION - C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

Et bien que du chinois pour moi !

Lorsque je dis avoir fait du ménage :
désinstallation de programmes inutilisés (mais connus)
virus scan : avast! antivirus et suppression des fichiers infectés (aïe
c'est là je crois que j'ai fait une ou des bêtises !)
défragmentation des disques
voilà

A bientôt de vos nouvelles

Dans le message news:B3E69E44-BD12-4530-B69D-220CDE56D160@microsoft.com,
Bimbinette <Bimbinette@discussions.microsoft.com>a écrit:

Lorsque je dis avoir fait du ménage :
désinstallation de programmes inutilisés (mais connus)
virus scan : avast! antivirus et suppression des fichiers infectés
(aïe
c'est là je crois que j'ai fait une ou des bêtises !)
défragmentation des disques
voilà

A bientôt de vos nouvelles

Bonjour,
Déjà première chose : tu as deux anti virus (Avast et MacAfee) qui
fonctionnent en même temps. Ce n'est pas du tout recommandé, ils se
neutraliseront plus qu'autre chose. Si tu y tiens, tu peux garder les deux
sur ton disque, mais ne les fais pas fonctionner en même temps.
Ensuite, coche chaque entrée que je remets ici, puis à la fin fais Fix, puis
redémarres. Et cette fois, ne lance pas Hijackthis depuis de dossier zip.
Extrais- le (clic droit, extraire sous), sinon il ne poiurra pas créer des
sauvegardes, et tu ne pourras pas annuler en cas de problèmes.
Une fois hijackthis lancé, tu cliques sur le bouton Config (en bas à
droite), et vérifie que la ligne "Make Backup before fixing" est cochée.
Ensuite, tu coches ces lignes:

O2 - BHO: ts - {4006DCA3-433D-4FC8-AC36-42DA7797DCB7} -
C:WINDOWSsystem32bho.dll
O2 - BHO: PicShow Class - {4487598C-2EC7-43A2-870E-6D8D720FDD9F} - (no file)
(reste d'un spyware effacé).
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:Program FilesNewDotNetnewdotnet6_72.dll
O2 - BHO: TalMgr Class - {70230839-555C-4862-8D42-BB1E2352502C} - (no file)
O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} -
C:Program FilesQuickSearchQuickSearchBar3_28.dll
O2 - BHO: bhoEvents Class - {FC4C5EAE-66EE-11D4-BC67-0000E8E582D2} -
C:WINDOWSe2bho.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: QuickSearch SearchBar -
{82315A18-6CFB-44a7-BDFD-90E36537C252}- C:Program
FilesQuickSearchQuickSearchBar3_28.dll
O4 - HKLM..Run: [New.net Startup] rundll32
C:PROGRA~1NEWDOT~1NEWDOT~1.DLL,NewDotNetStartup -s (bestiole qui se
lance au démarrage)
O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5 QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
(là je n'ai pas de preuves, mas je soupçonne fortement que c'est une
bestiole lancée à ton insu. A moins que tu ne te souviennes avoir installé
WInFixer 2005 ).
O4 - HKCU..Run: [Microsoft Update] wuamgrd.exe (vers: AGOBOT.GY)
O4 - HKCU..Run: [pshower] C:WINDOWSsystem32pshwr.exe
O4 - HKCU..Run: [ichckupd] C:WINDOWSsystem32ichckupd.exe (là, je ne
suis pas sûr non plus, mais dans le doute, vire- le).
O8 - Extra context menu item: >>> FREE PORN GALLERIES <<< -
javascript:{document.location='http://sexmaxx.com/freegalleries.htm';} (Sans
doute ajoutée par les spywares ou le vers).
O9 - Extra button: EasyClick - {05575EC1-B47D-11d3-8F04-00105A9965CA} -
C:WINDOWSe2bar.dll
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net

Puis tu cliques sur Fix Checked. Tu redémarres, et ensuite, effaces ces
fichiers :

C:Program FilesNewDotNetnewdotnet6_72.dll (efface tout le dossier
NewDotNet)
C:Program FilesQuickSearchQuickSearchBar3_28.dll (efface tout le dossier
QuickSearch)
C:WINDOWSe2bho.dll
C:WINDOWSe2bar.dll
C:WINDOWSsystem32pshwr.exe
C:WINDOWSsystem32ichckupd.exe

Si tu ne peux pas les effacer (normalement, tu devrais), démarres en mode
sans échec (en appuyant sur f8 ou F2 au juste au démarrage du PC, puis
choisis : mode Sans Echec., et de là tu devrais les supprimer.
Voila, voila. Tu n'as pas fait de bêtises, juste que les antivirus n'ont pas
éliminé la totalité des bestioles (ce qui démontre que 2 antivirus ne donne
pas deux fois plus de sécurité).
Une fois cela fait, et si ton message de dll absent n'apparaît plus, tu
pourras passer à un autre problème : alléger un peu le démarrage de ton PC.
Tu as en effet un certain nombre de programmes lancés inutilement en
arrière- plan. Ils ne sont pas dangereux, mais ils occupent de la puissance
processeur et de la place mémoire.
Si tu désires le faire, refais un nouveau scan hijackthis et repasse ici
avec, on tâchera de voir ce qu'on peut faire pour alléger un peu tout ça.
--
Tsilefy

Bonsoir
j'ai fait toutes les manip demandées
après avoir essayer de supprimer les fichiers ceux-ci étant récalcitrant
j'ai redémarrer en mode échec ; résultat :
NewDotNet : impossible à supprimer
Quicksearch : effacé
e2bho.dll : introuvable
e2bar.dll effacé
pshrw.exe : impossible à supprimer
ichckupd.exe : impossible à supprimer

le message de la dll manquante n'apparaît plus !

je savais avoir MacAffe quelquepart, mais ne le trouvant pas je ne savais
pas qu'il fonctionnait. Lequel des 2 neutraliser et comment ?

voilà le dernier log :
Logfile of HijackThis v1.99.1
Scan saved at 21:21:23, on 09/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
C:WINDOWSSystem320THotkey.exe
C:WINDOWSsystem32TPWRTRAY.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:WINDOWSsystem32TFNF5.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesRealRealPlayerRealPlay.exe
C:WINDOWSsystem32qttask.exe
C:Program Filesoneclickoneclick.exe
C:Program FilesJavajre1.5.0_04binjusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesLogitechMouseWaresystemem_exec.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesApoint2KApntex.exe
C:Program FilesMicrosoft MoneySystemmnyexpr.exe
C:WINDOWSsystem32RunDLL32.exe
C:PROGRA~1INCRED~1binIncMail.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesAlwil SoftwareAvast4setupavast.setup
C:WINDOWSsystem32wuauclt.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesNikonNkView6NkvMon.exe
C:PalmHOTSYNC.EXE
C:WINDOWSsystem32dumprep.exe
C:WINDOWSsystem32dwwin.exe
D:Mes documentsUnzippedhijackthisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://www.libertysurf.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://cegetel.net/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.the-exit.com/search
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program
FilesMicrosoft MoneySystemmnyside.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:Program FilesNewDotNetnewdotnet6_72.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar1.01.1629.0frmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /nodetect /keeploaded
O4 - HKLM..Run: [00THotkey] C:WINDOWSSystem320THotkey.exe
O4 - HKLM..Run: [000StTHK] 000StTHK.exe
O4 - HKLM..Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TFNF5] TFNF5.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Exe
O4 - HKLM..Run: [Watch] C:PROGRA~1AVAWatch.exe
O4 - HKLM..Run: [adiras] adiras.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe"
-atboottime
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_04binjusched.exe
O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [New.net Startup] rundll32
C:PROGRA~1NEWDOT~1NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MoneyAgent] "C:Program FilesMicrosoft
MoneySystemmnyexpr.exe"
O4 - HKCU..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [IncrediMail] C:PROGRA~1INCRED~1binIncMail.exe /c
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - Startup: HotSync Manager.lnk = C:PalmHOTSYNC.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk =
C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st
800-840dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:Program
FilesNikonNkView6NkvMon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
C:PROGRA~1INCRED~1binresourcesWebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:program
filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class)
-
http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O18 - Protocol: bw+0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramBWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:Program FilesFichiers
communsBOONTY SharedServiceBoonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON
CORPORATION - C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

je t'attends pour la suite ?!

Bonne soirée

et mille mercis

Dans le message news:813BCDB9-CFD9-41F0-8436-3D63DDF76458@microsoft.com,
Bimbinette <Bimbinette@discussions.microsoft.com>a écrit:

Bonsoir
j'ai fait toutes les manip demandées
après avoir essayer de supprimer les fichiers ceux-ci étant
récalcitrant
j'ai redémarrer en mode échec ; résultat :
NewDotNet : impossible à supprimer
Quicksearch : effacé
e2bho.dll : introuvable
e2bar.dll effacé
pshrw.exe : impossible à supprimer
ichckupd.exe : impossible à supprimer

le message de la dll manquante n'apparaît plus !

je savais avoir MacAffe quelquepart, mais ne le trouvant pas je ne
savais
pas qu'il fonctionnait. Lequel des 2 neutraliser et comment ?

ARF ...
Une chose me dérange dans ce log, celui- là :
C:WINDOWSSystem320THotkey.exe qui correspond à ces deux entrées : O4 -
HKLM..Run: [00THotkey] C:WINDOWSSystem320THotkey.exe et O4 -
HKLM..Run: [000StTHK] 000StTHK.exe (nouveau d'ailleurs, il n'était pas là
avant). C'est le nom d'un vers dont je suis sur qu'il est (était ?) sur ton
PC (Gaobot), et en même temps c'est le nom d'un programme tout à fait
légitime sur les notebook toshiba. Or, ton PC est bien un toshiba, non ?
Donc, là j'hésite (Si ton PC n'est pas un Toshiba, alors il est infecté
jusqu'aux *yeux* !!). Fais- le scanner ici pour voir :
http://www.kaspersky.com/scanforvirus


Sinon, j'ai oublié ça, à virer également:
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.the-exit.com/search (détourne la barre de recherche d'Internet
Explorer)

Je te propose de télécharger l'antispyware de microsoft (apparemment, il
détecte winfixer2005), ici:
http://www.microsoft.com/downloads/details.aspx?FamilyId21CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en.
Lance- le et laisse- le faire.

Ensuite, tu relances hijackthis et tu recoches ce qui reste de ce que je
t'ai demandé dans le message précédent, et notamment
"C:DOCUME~1toshibaLOCALS~1TempTemporary Internet
FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe" s'il est
encore là.. Au besoin, efface- le avec l'invite des commandes , en faisant
cela :
démarrer/exécuter/, tapes cmd,
puis tapes cd cd C:DOCUME~1toshibaLOCALS~1TempTemporary Internet
FilesContent.IE5QJOKB0UJ,
et tapes del *.exe

--
Tsilefy

Bonsoir
Voilà je viens de faire toutes les manips résultat : (au fait mon PC est
bien un TOSHIBA - Satellite)

Kaspersky File Scanner :
You're clean!
Kaspersky Anti-Virus has not detected any viruses at this time in the file
you submitted.
However, only a fully-functional antivirus solution with regularly updated
virus definitions can ensure comprehensive protection against malware. If you
do not have an antivirus solution installed, you may wish to consider
purchasing one today.
Download a trial version of Kaspersky Anti-Virus
Purchase Kaspersky Anti-Virus in our E-Store
Purchase Kaspersky Anti-Virus from a certified partner
Scanned file: 00THotkey.exe
00THotkey.exe - OK
Statistics:
Known viruses: 150170 Updated: 20-09-2005
File size (Kb): 240 Virus bodies: 0
Files: 1 Warnings: 0
Archives: 0 Suspicious: 0

Logfile of HijackThis v1.99.1
Scan saved at 20:27:43, on 09/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
C:WINDOWSSystem320THotkey.exe
C:WINDOWSsystem32TPWRTRAY.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:WINDOWSsystem32TFNF5.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesApoint2KApntex.exe
C:Program FilesRealRealPlayerRealPlay.exe
C:Program FilesLogitechMouseWaresystemem_exec.exe
C:WINDOWSsystem32qttask.exe
C:Program Filesoneclickoneclick.exe
C:Program FilesJavajre1.5.0_04binjusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMicrosoft MoneySystemmnyexpr.exe
C:WINDOWSsystem32RunDLL32.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesNikonNkView6NkvMon.exe
C:PalmHOTSYNC.EXE
D:Mes documentsUnzippedhijackthisHijackThis.exe

Hijackthis :
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://www.libertysurf.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://cegetel.net/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.the-exit.com/search
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program
FilesMicrosoft MoneySystemmnyside.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
C:Program FilesNewDotNetnewdotnet6_72.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar1.01.1629.0frmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /nodetect /keeploaded
O4 - HKLM..Run: [00THotkey] C:WINDOWSSystem320THotkey.exe
O4 - HKLM..Run: [000StTHK] 000StTHK.exe
O4 - HKLM..Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TFNF5] TFNF5.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Exe
O4 - HKLM..Run: [Watch] C:PROGRA~1AVAWatch.exe
O4 - HKLM..Run: [adiras] adiras.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe"
-atboottime
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_04binjusched.exe
O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [New.net Startup] rundll32
C:PROGRA~1NEWDOT~1NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MoneyAgent] "C:Program FilesMicrosoft
MoneySystemmnyexpr.exe"
O4 - HKCU..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [IncrediMail] C:PROGRA~1INCRED~1binIncMail.exe /c
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - Startup: HotSync Manager.lnk = C:PalmHOTSYNC.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk =
C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st
800-840dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:Program
FilesNikonNkView6NkvMon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
C:PROGRA~1INCRED~1binresourcesWebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:program
filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class)
-
http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O17 -
HKLMSystemCCSServicesTcpip..{EB54D250-08A6-419C-83E0-880527992B5C}:
NameServer = 217.19.192.132 217.19.192.131
O18 - Protocol: bw+0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramBWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:Program FilesFichiers
communsBOONTY SharedServiceBoonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON
CORPORATION - C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

après redémarrage j'ai tenté (en mode normal puis en mode sans échec) de
supprimer sans résultat :
- dossier nexdotnet
- pshwr.exe
- ichckupd.exe

plus aucune trace de winfixer (je suis passé par "rechercher")

A bientôt

Avec tous mes remerciements !

Dans le message news:1EED0FD1-6DE8-4C6A-9DBA-7E1B8CE949A1@microsoft.com,
Bimbinette <Bimbinette@discussions.microsoft.com>a écrit:

Bonsoir
Voilà je viens de faire toutes les manips résultat : (au fait mon PC
est
bien un TOSHIBA - Satellite)


après redémarrage j'ai tenté (en mode normal puis en mode sans échec)
de
supprimer sans résultat :
- dossier nexdotnet
- pshwr.exe
- ichckupd.exe

plus aucune trace de winfixer (je suis passé par "rechercher")

A bientôt

Avec tous mes remerciements !

Salut,
On avance, on avance :-)
Et ne jamais oublier le dicton : "ne jamais dire 'je vais régler ce problème
en cinq minutes' quand il s'agit d'ordinateur".

D'abord, une chose élémentaire, que j'aurais du te faire vérifier : aurais
tu dans Ajout/ suppression des programmes New.Net Application ou New.Net
Domain ?? Sinon, la procédure pour l'effacer est décrite ici :
http://www.newdotnet.com/removal.html
Notamment, aller dans le dossier NewDotNet et cliquer sur le fichier
uninstallX_XX.exe, et si cela ne marche pas, de télécharger le désinstalleur
ici : http://www.new.net/support/uninstall6_76.exe. , le copier sur une
disquette, puis dans démarrer/exécuter, taper: A:uninstall6_76.exe.
A noter que NewDotNet est une barre de recherche qui s'incruste dans
Internet Explorer, détourne les recherches, entre autre. Son site affirme
qu'il n'est pas un spyware (c'est à dire qu'il n'espionne pas ce que tu fais
sur le PC pour renseigner une base de données). Hijackthis et d'autres le
signalent comme un spyware/adware, considérant qu'il détourne les recherches
vers des sites qui paient le créateur du logiciel (ce qu'il annonce
d'ailleurs lui- même sur son site).
Une fois enlevé, tu devrais pouvoir refaire les manips décrites
précédemment.
Fais aussi un scan en ligne sur http://housecall.trendmicro.com/, puis
télécharges et télécharges le spyware scanner présent sur la même page. Une
fois enregistré, lance-le, lorsque le scan est fini, affiche scan result,
puis Clean Threats Now. Avec un peu de chance, il t'évitera des manipulation
compliquées. Note aussi qu'il va sûrement détecter des dizaines (ou même
centaines) d'entrées. Rassure- toi, pour la plupart, ce sont des cookies,
rien de bien dangereux.
--
Tsilefy

Dis-moi, Bimbinette : tu as deux antivirus résidents en service ?
C'est pas bien ! Ils se contrecarrent tous les deux, et c'est
comme si tu n'en avais aucun ! Tu as Avast + McAfee !

De plus, quand on fait un scan avec n'importe quel logiciel
(antivirus ou autre), il faut arrêter tout ce qui n'est pas utile.

Bonsoir
[...]
Logfile of HijackThis v1.99.1
[...]
Running processes:
[...]
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
ça c'est Avast

[...]
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
ça c'est McAfee Viruscan

[...]
C:Program FilesRealRealPlayerRealPlay.exe
Si RealPlayer est lancé dès le démarrage, ce n'est peut-être

pas utile...

[...]
C:WINDOWSsystem32qttask.exe
QuickTime. S'il démarre en même temps que Windows (réglage

par défaut), tu peux le modifier dans la configuration de ce
logiciel.

C:Program Filesoneclickoneclick.exe
"c'est l'exécutable qui s'installe pour pouvoir utiliser

"gamekult video". celui-ci se lance à chaque démarrage de windows."
ou
"c'est l'exécutable pour VIDEO HD de la chaîne M6.fr"

tu as l'un ou l'autre ?

C:Program FilesJavajre1.5.0_04binjusched.exe
peut être supprimé (module de recherche automatique de mise à

jour du Java de SUN)

[...]
C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
lancé dès le démarrage ?

[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.the-exit.com/search
voir remarque de Tsilefy

[...]
O4 - HKLM..Run: [Watch] C:PROGRA~1AVAWatch.exe
tu sais ce que c'est que ce programme ? des fichiers

watch.exe, il y en a des milliers...

O4 - HKLM..Run: [adiras] adiras.exe
tu as un modem ADSL USB ? Si c'est le Sagem F@st 800 décrit

plus bas, je l'ai chez moi, et je n'ai pas ce adiras.exe...

[...]
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe
SYSTEMBOOTHIDEPLAYER
le player de Real qui se lance au démarrage, et qui se cache !

O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe"
-atboottime
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_04binjusched.exe
pour ces trois-là, voir remarques plus haut

O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
comme indiqué par Tsilefy, truc à virer

[...]
O4 - HKCU..Run: [IncrediMail] C:PROGRA~1INCRED~1binIncMail.exe /c
lancé dès le démarrage ?

O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
voir plus haut

O4 - Startup: HotSync Manager.lnk = C:PalmHOTSYNC.EXE
tu te sers habituellement d'un Palm ? Est-il utile que ce

module soit lancé dès le démarrage ?

[...]
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
ça, c'est pas bien !

Extrait du site de Zébulon
(http://www.zebulon.fr/articles/HijackThis.php) :
"Mieux vaut les réparer en utilisant LSPFix de Cexx.org
(http://www.cexx.org/lspfix.htm), ou Spybot S&D de Kolla.de
(http://security.kolla.de/).
Notez que les fichiers 'unknown' (inconnus) dans la pile LSP ne
seront pas corrigés par HijackThis, par sécurité."

[...]
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
file missing : après avoir choisi quel antivirus tu veux

garder, si c'est Avast il faudra le réinstaller

O23 - Service: Boonty Games - BOONTY - C:Program FilesFichiers
communsBOONTY SharedServiceBoonty.exe
c'est quoi ? vois dans cette page ce qui est surligné en

jaune, et lis la suite du fil de discussion
http://216.239.59.104/search?qÊche:bShLXEJkNG4J:forum.zebulon.fr/lofiversion/index.php/t75031.html+Boonty.exe&hl=fr

[...]
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
encore McAfee

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
celui-là est inutile (recherche des nouveaux drivers NVidia -

inutile qu'il tourne en permanence). Fais Démarrer -> Exécuter...
-> services.msc
Dans la console des services, recherche "NVIDIA Driver Helper
Service"
Double-clic sur la ligne, et mets-le en "désactivé" dans le champ
"Type de démarrage"

après redémarrage j'ai tenté (en mode normal puis en mode sans échec) de
supprimer sans résultat :
- dossier nexdotnet
- pshwr.exe
- ichckupd.exe
- Problèmes pour supprimer ou renommer des fichiers ou

répertoires :
http://a.vouillon.free.fr/faq-winxp.htm#115
www.d2i.ch/pn/az/s.html#s021
www.d2i.ch/pn/az/a.html#a023
http://www.kellys-korner-xp.com/xp_d.htm#del
http://www.generation-nt.com/astuces/lire/123/Supprimer-deplacer-ou-renommer-les-fichiers-AVI/
- Toutes les solutions de pgriffet :
http://forum.pcastuces.com/sujet.asp?SUJET_ID$46
- DELRP
www.microsoft.com/windows2000/techinfo/reskit/tools/existing/delrp-o.asp
- MOVEONBOOT:
http://fr.gibinsoft.net/gipoutils/fileutil/index.htm
- http://support.microsoft.com/?kbid08421 (surprenant, mais ça
peut être ça)
- http://support.microsoft.com/?id20081
- Procédure pour supprimer des fichiers avec des noms réservés
dans Windows
http://support.microsoft.com/?kbid0716
http://support.microsoft.com/?kbid15226
- Essayer la complétion de commandes
www.hotline-pc.org/invitedecommandes.htm
Utiliser la commande DEL et la touche TAB.
La complétion affiche alors un à un les noms des fichiers, même
ceux qui ont des caractères invisibles.
Il faut taper un espace derrière la commande avant d'appuyer sur TAB.
Exemple:
Dans une fenêtre de commandes:
Naviguer jusqu'au répertoire contenant le fichier et tester les
possibilités de la complétion avec la commande DIR.
Taper la commande DIR suivie d'un espace puis appuyer sur TAB
jusqu'à ce que le fichier " blabla.truc " apparaisse. Noter que
si des caractères invisibles sont présents, la commande affiche
le nom encadré de
guillemets.
Maintenant recommencer avec la commande DEL pour effacer le fichier.

En général on arrive à supprimer en arrêtant explorer et en
opérant en mode Commandes.

Il y a aussi
DEL \.C:le_chemin_de_ton_fichierton_fichier
RD \.C:un_répertoireun_autre
... qui doit être décrit dans l'un des sites ci-dessus, ou chez
Microsoft
http://support.microsoft.com/?kbid15226 pour WinXP

[...]

Bon, t'as du boulot !

Reviens nous dire !


--
Ypoons [MVP]
Ne vous approchez jamais d'un ordinateur en disant ou même
seulement pensant "Je vais faire ça très vite !"
Pour m'écrire : http://www.cerbermail.com/?Qw7yVJONCF
Ne me mettez pas dans votre carnet d'adresse ! Je suis spammé !

Dans le message news:OzmFz9lvFHA.2792@tk2msftngp13.phx.gbl,
Ypoons <debut@nt>a écrit:

Extrait du site de Zébulon
(http://www.zebulon.fr/articles/HijackThis.php) :
"Mieux vaut les réparer en utilisant LSPFix de Cexx.org
(http://www.cexx.org/lspfix.htm), ou Spybot S&D de Kolla.de
(http://security.kolla.de/).

Hello Ypoons,
Note que LSPFix, contrairement à ce que ce site et de nombreux autres
laissent entendre à ce sujet, ne supprime pas le malware, mais répare tout
simplement WinSock (en fait, je le soupçonne de lancer simplement la
commande netsh winsock reset catalog). Tant que la bestiole n'est pas
supprimée, il n'y a donc aucun intérêt à le faire puisque l'infection
reviendra. De même , si on ne rencontre aucun problème particulier pour
aller sur Internet, la couche winsock est probablement restée intacte.
Sinon, merci pour le coup de main.
--
Tsilefy

Bonjour (1/2)
Que du travail pour me dépanner encore merci,... mais ce n'est pas fini

Et ne jamais oublier le dicton : "ne jamais dire 'je vais régler ce problème
en cinq minutes' quand il s'agit d'ordinateur".
ça c'est sûr et y a longtemps que je l'avais compris !!

Alors voici les derniers résultats :

Newdotnet : supprimé
pshwr.exe toujours là et de même pour ichckupd.exe (ils s'accrochent)

Logfile of HijackThis v1.99.1
Scan saved at 13:46:01, on 09/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
C:WINDOWSSystem320THotkey.exe
C:WINDOWSsystem32TPWRTRAY.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:WINDOWSsystem32TFNF5.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesRealRealPlayerRealPlay.exe
C:WINDOWSsystem32qttask.exe
C:Program Filesoneclickoneclick.exe
C:Program FilesJavajre1.5.0_04binjusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesLogitechMouseWaresystemem_exec.exe
C:Program FilesMicrosoft MoneySystemmnyexpr.exe
C:WINDOWSsystem32RunDLL32.exe
C:Program FilesApoint2KApntex.exe
C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesNikonNkView6NkvMon.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:PalmHOTSYNC.EXE
C:Program FilesAlwil SoftwareAvast4setupavast.setup
C:WINDOWSsystem32wuauclt.exe
D:Mes documentsUnzippedhijackthisHijackThis.exe


Hijakcthis :
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://www.libertysurf.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://cegetel.net/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:Program
FilesMicrosoft MoneySystemmnyside.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar1.01.1629.0frmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /nodetect /keeploaded
O4 - HKLM..Run: [00THotkey] C:WINDOWSSystem320THotkey.exe
O4 - HKLM..Run: [000StTHK] 000StTHK.exe
O4 - HKLM..Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TFNF5] TFNF5.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Exe
O4 - HKLM..Run: [Watch] C:PROGRA~1AVAWatch.exe
O4 - HKLM..Run: [adiras] adiras.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe"
-atboottime
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_04binjusched.exe
O4 - HKLM..Run: [NI.UWFX5V] "C:DOCUME~1toshibaLOCALS~1TempTemporary
Internet FilesContent.IE5QJOKB0UJWinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MoneyAgent] "C:Program FilesMicrosoft
MoneySystemmnyexpr.exe"
O4 - HKCU..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [IncrediMail] C:PROGRA~1INCRED~1binIncMail.exe /c
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop
Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - Startup: HotSync Manager.lnk = C:PalmHOTSYNC.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk =
C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st
800-840dslmon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:Program
FilesNikonNkView6NkvMon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
C:PROGRA~1INCRED~1binresourcesWebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:program
filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_04binnpjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class)
-
http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
O18 - Protocol: bw+0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} - C:Program
FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8D7CB843-251C-4B92-BB34-B3EC1BA17189} -
C:Program FilesLogitechDesktop
Messenger8876480ProgramBWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:Program FilesFichiers
communsBOONTY SharedServiceBoonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision -
C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON
CORPORATION - C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

Suite dans le prochain message (votre article est trop long !)