I have a very clever virus

I have a lousy virus that keeps adding a ton of temp files; it makes my computer lag badly.
I ran HijackThis and it gives me this report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:19, on 02/10/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BatteryScope_W2K\batmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.free.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM…\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM…\Run: [AS00_WPN511] C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe -hide
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
O4 - HKLM…\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM…\Run: [HP Software Update] “c:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: BatteryScope.lnk = C:\Program Files\BatteryScope_W2K\batmgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
O4 - Global Startup: Sony Notebook Setup.lnk = C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
O8 - Extra context menu item: &Search - bar.mywebsearch.com…
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - download.movienetworks.com…
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - software-dl.real.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - acs.pandasoftware.com…
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - messenger.zone.msn.com…
O18 - Protocol: bw+0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file)
O20 - Winlogon Notify: winrzc32 - C:\WINDOWS\SYSTEM32\winrzc32.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - (no file)
O23 - Service: Netgear Wireless Domain Login Service (NWDLS) - Unknown owner - C:\WINDOWS\System32\NWDLS.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


End of file - 18206 bytes

Could you help me remove this virus or make it inactive?

Thanks in advance.

+1

Here is the report it gave me:

-----------\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : PhoenixBIOS 4.0 Release 6.0
USER : grl ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:6 Go (Free:0 Go)
D:\ (Local Disk) - NTFS - Total:4 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)

“C:\ToolBar SD” ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 03/10/2009|18:45 )

-----------\ Recherche de Fichiers / Dossiers …

-----------\ […\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\System32\blank.htm”
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
“Search Bar”=“http://www.free.fr/search/
“Start Page”=“http://www.google.fr/

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Default_Page_URL”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
“Default_Search_URL”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
“Start Page”=“http://www.msn.com/

--------------------\ Recherche d’autres infections

Aucune autre infection trouvée !

1 - “C:\ToolBar SD\TB_1.txt” - 03/10/2009|18:48 - Option : [2]

-----------\ Fin du rapport a 18:48:00,39

There, I'm continuing with what you told me to do.


Here is the 2nd report:
      [B] ///// ST_Fix \\\\\ [/B]  

Debut le 03/10/2009 a 18:55:05,51

                          Option [3] - Firefox + Internet Explorer  

      [B] ///// Firefox \\\\\ [/B] 

Valeur de la page de demarrage avant desinfection

Valeur de la page de demarrage apres desinfection

      [B] ///// Internet Explorer \\\\\ [/B] 

Valeur de la page de demarrage avant desinfection : www.google.fr…
Valeur de la page de demarrage apres desinfection : www.google.fr…

Valeur de la page de Tabs avant desinfection : ieframe.dll…
Valeur de la page de Tabs apres desinfection : ieframe.dll…

Fin du Rapport le 03/10/2009 a 18:56:07,16

**************** Fin ****************

And I'm running the HijackThis report again.

Hello again,
I ran the HijackThis report and here is what it gives me:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:04, on 03/10/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BatteryScope_W2K\batmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.free.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM…\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM…\Run: [AS00_WPN511] C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe -hide
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
O4 - HKLM…\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM…\Run: [HP Software Update] “c:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKLM…\RunOnce: [SpybotSnD] “C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe” /autocheck
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: BatteryScope.lnk = C:\Program Files\BatteryScope_W2K\batmgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
O4 - Global Startup: Sony Notebook Setup.lnk = C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - download.movienetworks.com…
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - software-dl.real.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - acs.pandasoftware.com…
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - messenger.zone.msn.com…
O18 - Protocol: bw+0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file)
O20 - Winlogon Notify: winrzc32 - C:\WINDOWS\SYSTEM32\winrzc32.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - (no file)
O23 - Service: Netgear Wireless Domain Login Service (NWDLS) - Unknown owner - C:\WINDOWS\System32\NWDLS.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


End of file - 18177 bytes

I'll see whether the virus is dead; in any case, thank you for taking an interest in my problem.
Thanks a lot, see you later.

Hello jeanmimigab,

Thanks again for your help. I carried out the steps in the order you gave me.
Here are the reports:

OTM:

All processes killed
========== PROCESSES ==========
No active process named desktop.exe was found!
========== FILES ==========
C:\WINDOWS\isrvs moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\SYSTEM32\winrzc32.dll
C:\WINDOWS\SYSTEM32\winrzc32.dll NOT unregistered.
C:\WINDOWS\SYSTEM32\winrzc32.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: grl
->Temp folder emptied: 8587693 bytes
File delete failed. C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\SDMN492Z\recherche[1]. scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\S1IVK9IB\ShowFolder[1]. scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\JOD93C0S\ads[1]. scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\I9SBMXU5\immobilier[1]. scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\EF4DO9MV\google[1]. scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 52497581 bytes
->Java cache emptied: 244354 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33328 bytes

User: lydia
->Temp folder emptied: 217 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\LastGood.Tmp\System32\DRIVERS folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\System32 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 18848 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\winFB.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied: 40004408 bytes
RecycleBin emptied: 28911499 bytes

Total Files Cleaned = 124,39 mb

OTM by OldTimer - Version 3.0.0.6 log created on 10042009_145950

Files moved on Reboot…
File C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\SDMN492Z\recherche[1]. not found!
File C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\S1IVK9IB\ShowFolder[1]. not found!
File C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\JOD93C0S\ads[1]. not found!
File C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\I9SBMXU5\immobilier[1]. not found!
File C:\Documents and Settings\grl\Local Settings\Temporary Internet Files\Content.IE5\EF4DO9MV\google[1]. not found!
C:\WINDOWS\temp\winFB.tmp moved successfully.

Registry entries deleted on Reboot…

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:24, on 04/10/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BatteryScope_W2K\batmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.free.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM…\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM…\Run: [AS00_WPN511] C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe -hide
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
O4 - HKLM…\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM…\Run: [HP Software Update] “c:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: BatteryScope.lnk = C:\Program Files\BatteryScope_W2K\batmgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\PROGRAM\PcfMgr.exe
O4 - Global Startup: Sony Notebook Setup.lnk = C:\Program Files\Sony\Sony Notebook Setup\SNSetup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - download.movienetworks.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - acs.pandasoftware.com…
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - messenger.zone.msn.com…
O18 - Protocol: bw+0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0B071A45-F1CE-4339-B089-70E9EDD88EF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file)
O20 - Winlogon Notify: winrzc32 - winrzc32.dll (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - (no file)
O23 - Service: Netgear Wireless Domain Login Service (NWDLS) - Unknown owner - C:\WINDOWS\System32\NWDLS.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


End of file - 17790 bytes

I also ran Spybot yesterday and it found 2 problems, one of which it could not remove. I then scheduled Spybot to run at restart; it removed Virtumonde but did not manage to remove "Win32.FraudLoad.edt".

I have also had another problem for a few months. When I shut down my PC via "Start, Turn off computer", it logs off the session and, just as it is about to power off, a blue screen (DOS-like) appears very briefly and disappears, and my PC restarts by itself!!! What should I do?

Thanks again for your availability.

See you later.

Hi,

Here is the ComboFix report (I had no connection problem afterwards):

ComboFix 09-10-03.01 - grl 04/10/2009 18:10.1.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.33.1036.18.255.163 [GMT 2:00]
Lancé depuis: c:\documents and settings\grl\Bureau\DGADO.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\INSTALL.LOG
c:\program files\Internet Explorer\fxavx.ini
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\Install.inf
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\RdxIE.dll
c:\windows\system32\i
c:\windows\system32\open.ico

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_Irmon
-------\Service_Irmon

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-04 au 2009-10-04 ))))))))))))))))))))))))))))))))))))
.

2009-10-04 12:59 . 2009-10-04 12:59 -------- d-----w- C:\_OTM
2009-10-03 16:56 . 2009-10-03 16:56 3502 ----a-w- C:\Internet Explorer.reg
2009-10-03 16:43 . 2009-10-03 16:48 -------- d-----w- C:\ToolBar SD
2009-10-02 20:38 . 2009-10-02 20:38 -------- d-----w- c:\program files\Trend Micro
2009-09-04 17:57 . 2009-09-04 19:04 -------- d-----w- c:\windows\BDOSCAN8

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-04 18:25 . 2004-12-14 15:08 -------- d-----w- c:\program files\Windows ControlAd
2009-09-02 15:46 . 2009-09-02 15:46 -------- d-----w- c:\program files\Panda Security
2009-08-27 16:24 . 2009-02-15 15:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-20 20:37 . 2005-06-11 17:43 104485 ----a-w- c:\windows\hpoins04.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“LVCOMSX”=“c:\windows\System32\LVCOMSX.EXE” [2004-05-21 221184]
“ANIWZCS2Service”=“c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe” [2007-01-19 49152]
“AS00_WPN511”=“c:\program files\NETGEAR\WPN511\Utility\WPN511.exe” [2007-02-06 1130496]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” [2004-06-06 77824]
“JOGSERV2.EXE”=“c:\program files\Sony\Jog Dial Utility\JogServ2.exe” [2001-08-23 1458176]
“HKSERV.EXE”=“c:\program files\Sony\HotKey Utility\HKserv.exe” [2001-07-17 409600]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2004-02-12 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2001-10-02 13312]

c:\documents and settings\All Users\Menu D?marrer\Programmes\D?marrage
BatteryScope.lnk - c:\program files\BatteryScope_W2K\batmgr.exe [2009-3-26 585728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
PowerPanel.lnk - c:\program files\PowerPanel\PROGRAM\PcfMgr.exe [2009-3-27 229376]
Sony Notebook Setup.lnk - c:\program files\Sony\Sony Notebook Setup\SNSetup.exe [2009-3-27 45056]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
“SpecifyDefaultButtons”= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0sprestrt

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [02/09/2009 17:46 28544]
R3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [13/02/2009 12:23 16194]
R3 EPPSCSIx;Agfa EPPSCSI Driver;c:\windows\system32\drivers\EPPSCAN.sys [21/10/1999 16:10 95336]
R3 FCUSB;Freecom Cable II USB Driver;c:\windows\system32\drivers\FCUSB.sys [29/11/2001 12:05 13104]
R3 MemStPCI;Contrôleur Sony Memory Stick (PCI);c:\windows\system32\drivers\MemStPCI.SYS [04/06/2004 13:58 24320]
R3 neo20xx;neo20xx;c:\windows\system32\drivers\neo20xx.sys [04/06/2004 13:58 39264]
R3 NETGEAR_WPN511_SERVICE;NETGEAR WPN511 Wireless Adapter Service;c:\windows\system32\drivers\wpn511.sys [13/02/2009 12:23 488992]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [20/10/2004 14:23 21344]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr…
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - download.movienetworks.com…
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - www.bitdefender.fr…
.

- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Steam - (no file)
HKU-Default-Run-Microsoft Update - vpc32.exe
Notify-winrzc32 - winrzc32.dll


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-10-04 18:30
Windows 5.1.2600 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > ‘winlogon.exe’(748)
c:\windows\system32\ODBC32.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

- - - - - - - > ‘lsass.exe’(808)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
c:\windows\System32\dssenh.dll

- - - - - - - > ‘explorer.exe’(3048)
c:\program files\Sony\Jog Dial Utility\WMHook.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
.
Heure de fin: 2009-10-04 18:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-04 16:38

Avant-CF: 885 800 960 octets libres
Après-CF: 786 505 728 octets libres

WinXP_FR_PRO_BF.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professionnel” /fastdetect

120

Thanks, and I hope these viruses will finally go away.

By the way, my PC is a Pentium III, 496 MHz, 256 MB of RAM - a 10-year-old Sony Vaio.

I don't have an antivirus; what do you recommend? Something that won't slow my machine down too much!!!??

Thanks again.

@+++

Good news: when I shut down my PC, it no longer restarts by itself. That's a good sign, and it's a relief.

Well done, jeanmimigab :clap:

I did create a regexport file on the desktop. The icon is exactly as you described.
When I double-click it, a black window opens with the following message:

Then a Notepad file named log.txt opens and nothing is written in it.

Should I move on to the next step?

I'm waiting for your green light. From now on I want my PC to run!!! and I'm following your valuable advice.

Thanks

@+++

Good evening,

I ran Malwarebytes' Anti-Malware and it found no malicious items.

Here is the report:

Malwarebytes’ Anti-Malware 1.41
Version de la base de données: 2905
Windows 5.1.2600

04/10/2009 21:53:06
mbam-log-2009-10-04 (21-53-06).txt

Type de recherche: Examen rapide
Eléments examinés: 113199
Temps écoulé: 13 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

This is looking good :super:

I can't wait for what comes next; your advice is great. Thank you, sir.

Yes you can,

Your file worked; here is the report:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“AutoRestartShell”=dword:00000001
“DefaultDomainName”=“PC-DE-GREG”
“DefaultUserName”=“grl”
“LegalNoticeCaption”=""
“LegalNoticeText”=""
“PowerdownAfterShutdown”=“0”
“ReportBootOk”=“1”
“Shell”=“Explorer.exe”
“ShutdownWithoutLogon”=“0”
“System”=""
“Userinit”=“C:\WINDOWS\system32\userinit.exe,”
“VmApplet”=“rundll32 shell32,Control_RunDLL “sysdm.cpl””
“SfcQuota”=dword:ffffffff
“allocatecdroms”=“0”
“allocatedasd”=“0”
“allocatefloppies”=“0”
“cachedlogonscount”=“10”
“forceunlocklogon”=dword:00000000
“passwordexpirywarning”=dword:0000000e
“scremoveoption”=“0”
“AllowMultipleTSSessions”=dword:00000001
“UIHost”=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,75,00,69,00,2e,00,65,00,78,00,65,
00,00,00
“LogonType”=dword:00000001
“Background”=“0 0 0”
“DebugServerCommand”=“no”
“SFCDisable”=dword:00000000
“WinStationsDisabled”=“0”
“HibernationPreviouslyEnabled”=dword:00000001
“ShowLogonOptions”=dword:00000000
“AltDefaultUserName”=“grl”
“AltDefaultDomainName”=“PC-DE-GREG”
“AutoAdminLogon”=“0”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{25537BA6-77A8-11D2-9B6C-0000F8080861}]
@=“Folder Redirection”
“ProcessGroupPolicyEx”=“ProcessGroupPolicyEx”
“DllName”=hex(2):66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,00,6c,00,
6c,00,00,00
“NoMachinePolicy”=dword:00000001
“NoSlowLink”=dword:00000001
“PerUserLocalSettings”=dword:00000001
“NoGPOListChanges”=dword:00000000
“NoBackgroundPolicy”=dword:00000000
“GenerateGroupPolicy”=“GenerateGroupPolicy”
“EventSources”=hex(7):28,00,46,00,6f,00,6c,00,64,00,65,00,72,00,20,00,52,00,65,
00,64,00,69,00,72,00,65,00,63,00,74,00,69,00,6f,00,6e,00,2c,00,41,00,70,00,
70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,29,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
@=“Quota du disque Microsoft”
“NoMachinePolicy”=dword:00000000
“NoUserPolicy”=dword:00000001
“NoSlowLink”=dword:00000001
“NoBackgroundPolicy”=dword:00000001
“NoGPOListChanges”=dword:00000001
“PerUserLocalSettings”=dword:00000000
“RequiresSuccessfulRegistry”=dword:00000001
“EnableAsynchronousProcessing”=dword:00000000
“DllName”=hex(2):64,00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,
6c,00,6c,00,00,00
“ProcessGroupPolicy”=“ProcessGroupPolicy”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
@=“Planificateur de paquets QoS”
“ProcessGroupPolicy”=“ProcessPSCHEDPolicy”
“DllName”=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,
00,00
“NoUserPolicy”=dword:00000001
“NoGPOListChanges”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
@=“Scripts”
“ProcessGroupPolicy”=“ProcessScriptsGroupPolicy”
“ProcessGroupPolicyEx”=“ProcessScriptsGroupPolicyEx”
“GenerateGroupPolicy”=“GenerateScriptsGroupPolicy”
“DllName”=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,
00,00
“NoSlowLink”=dword:00000001
“NoGPOListChanges”=dword:00000001
“NotifyLinkTransition”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
“ProcessGroupPolicy”=“SceProcessSecurityPolicyGPO”
“GenerateGroupPolicy”=“SceGenerateGroupPolicy”
“ExtensionRsopPlanningDebugLevel”=dword:00000001
“ProcessGroupPolicyEx”=“SceProcessSecurityPolicyGPOEx”
“ExtensionDebugLevel”=dword:00000001
“DllName”=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,
00,00
@=“Security”
“NoUserPolicy”=dword:00000001
“NoGPOListChanges”=dword:00000001
“EnableAsynchronousProcessing”=dword:00000001
“MaxNoGPOListChangesInterval”=dword:000003c0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
“ProcessGroupPolicyEx”=“ProcessGroupPolicyEx”
“GenerateGroupPolicy”=“GenerateGroupPolicy”
“ProcessGroupPolicy”=“ProcessGroupPolicy”
“DllName”=hex(2):69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,00,64,00,
6c,00,6c,00,00,00
@=“Personnalisation de Internet Explorer”
“NoSlowLink”=dword:00000001
“NoBackgroundPolicy”=dword:00000000
“NoGPOListChanges”=dword:00000001
“NoMachinePolicy”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
“ProcessGroupPolicy”=“SceProcessEFSRecoveryGPO”
“DllName”=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,
00,00
@=“EFS recovery”
“NoUserPolicy”=dword:00000001
“NoGPOListChanges”=dword:00000001
“RequiresSuccessfulRegistry”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
@=“Installation de logiciel”
“DllName”=hex(2):61,00,70,00,70,00,6d,00,67,00,6d,00,74,00,73,00,2e,00,64,00,
6c,00,6c,00,00,00
“ProcessGroupPolicyEx”=“ProcessGroupPolicyObjectsEx”
“GenerateGroupPolicy”=“GenerateGroupPolicy”
“NoBackgroundPolicy”=dword:00000000
“RequiresSucessfulRegistry”=dword:00000000
“NoSlowLink”=dword:00000001
“PerUserLocalSettings”=dword:00000001
“EventSources”=hex(7):28,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,
00,6f,00,6e,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,6d,00,65,00,6e,00,
74,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,
00,29,00,00,00,28,00,4d,00,73,00,69,00,49,00,6e,00,73,00,74,00,61,00,6c,00,
6c,00,65,00,72,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,
00,6f,00,6e,00,29,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
@=“Sécurité IP”
“ProcessGroupPolicy”=“ProcessIPSECPolicy”
“DllName”=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,
00,00
“NoUserPolicy”=dword:00000001
“NoGPOListChanges”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
“Asynchronous”=dword:00000000
“Impersonate”=dword:00000000
“DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,
6c,00,00,00
“Logoff”=“ChainWlxLogoffEvent”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
“Asynchronous”=dword:00000000
“Impersonate”=dword:00000000
“DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,
6c,00,6c,00,00,00
“Logoff”=“CryptnetWlxLogoffEvent”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
“DLLName”=“cscdll.dll”
“Logon”=“WinlogonLogonEvent”
“Logoff”=“WinlogonLogoffEvent”
“ScreenSaver”=“WinlogonScreenSaverEvent”
“Startup”=“WinlogonStartupEvent”
“Shutdown”=“WinlogonShutdownEvent”
“StartShell”=“WinlogonStartShellEvent”
“Impersonate”=dword:00000000
“Asynchronous”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
“DLLName”=“wlnotify.dll”
“Logon”=“SCardStartCertProp”
“Logoff”=“SCardStopCertProp”
“Lock”=“SCardSuspendCertProp”
“Unlock”=“SCardResumeCertProp”
“Enabled”=dword:00000001
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
“Asynchronous”=dword:00000000
“DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,
6c,00,6c,00,00,00
“Impersonate”=dword:00000000
“StartShell”=“SchedStartShell”
“Logoff”=“SchedEventLogOff”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
“Logoff”=“WLEventLogoff”
“Impersonate”=dword:00000000
“Asynchronous”=dword:00000001
“DllName”=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
“DLLName”=“WlNotify.dll”
“Lock”=“SensLockEvent”
“Logon”=“SensLogonEvent”
“Logoff”=“SensLogoffEvent”
“Safe”=dword:00000001
“MaxWait”=dword:00000258
“StartScreenSaver”=“SensStartScreenSaverEvent”
“StopScreenSaver”=“SensStopScreenSaverEvent”
“Startup”=“SensStartupEvent”
“Shutdown”=“SensShutdownEvent”
“StartShell”=“SensStartShellEvent”
“PostShell”=“SensPostShellEvent”
“Disconnect”=“SensDisconnectEvent”
“Reconnect”=“SensReconnectEvent”
“Unlock”=“SensUnlockEvent”
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
“Asynchronous”=dword:00000000
“DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,
6c,00,6c,00,00,00
“Impersonate”=dword:00000000
“Logoff”=“TSEventLogoff”
“Logon”=“TSEventLogon”
“PostShell”=“TSEventPostShell”
“Shutdown”=“TSEventShutdown”
“StartShell”=“TSEventStartShell”
“Startup”=“TSEventStartup”
“MaxWait”=dword:00000258
“Reconnect”=“TSEventReconnect”
“Disconnect”=“TSEventDisconnect”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
“DLLName”=“wlnotify.dll”
“Logon”=“RegisterTicketExpiredNotificationEvent”
“Logoff”=“UnregisterTicketExpiredNotificationEvent”
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SCLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
“HelpAssistant”=dword:00000000
“TsInternetUser”=dword:00000000
“SQLAgentCmdExec”=dword:00000000
“NetShowServices”=dword:00000000
“IWAM_”=dword:00010000
“IUSR_”=dword:00010000
“VUSR_”=dword:00010000

So, Doctor, is my PC on the road to recovery?

Have a good evening

@+++

Hi Jeanmimi,

I ran Panda's uninstall utility, downloaded Antivir and configured it as described by Bobette Marlow; a great tutorial indeed.

Here is the Antivir report:

Avira AntiVir Personal
Date de création du fichier de rapport : lundi 5 octobre 2009 00:03

La recherche porte sur 1772828 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (plain) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l’ordinateur : PC-DE-GREG

Informations de version :
BUILD.DAT : 9.0.0.70 18071 Bytes 25/09/2009 12:03:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 04/10/2009 21:30:57
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 21:30:44
ANTIVIR2.VDF : 7.1.6.50 4333568 Bytes 29/09/2009 21:30:50
ANTIVIR3.VDF : 7.1.6.68 216576 Bytes 02/10/2009 21:30:50
Version du moteur : 8.2.1.33
AEVDF.DLL : 8.1.1.2 106867 Bytes 04/10/2009 21:30:55
AESCRIPT.DLL : 8.1.2.35 483707 Bytes 04/10/2009 21:30:54
AESCN.DLL : 8.1.2.5 127346 Bytes 04/10/2009 21:30:54
AERDL.DLL : 8.1.3.2 479604 Bytes 04/10/2009 21:30:54
AEPACK.DLL : 8.2.0.0 422261 Bytes 04/10/2009 21:30:54
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 04/10/2009 21:30:53
AEHEUR.DLL : 8.1.0.166 2003319 Bytes 04/10/2009 21:30:53
AEHELP.DLL : 8.1.7.0 237940 Bytes 04/10/2009 21:30:51
AEGEN.DLL : 8.1.1.67 364916 Bytes 04/10/2009 21:30:51
AEEMU.DLL : 8.1.1.0 393587 Bytes 04/10/2009 21:30:51
AECORE.DLL : 8.1.8.1 184693 Bytes 04/10/2009 21:30:50
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 04/10/2009 21:30:56
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 04/10/2009 21:30:40
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

Configuration pour la recherche actuelle :
Nom de la tâche…: Contrôle intégral du système
Fichier de configuration…: c:\program files\avira\antivir desktop\sysscan.avp
Documentation…: bas
Action principale…: interactif
Action secondaire…: ignorer
Recherche sur les secteurs d’amorçage maître…: marche
Recherche sur les secteurs d’amorçage…: marche
Secteurs d’amorçage…: C:, D:,
Recherche dans les programmes actifs…: marche
Recherche en cours sur l’enregistrement…: marche
Recherche de Rootkits…: marche
Contrôle d’intégrité de fichiers système…: arrêt
Fichier mode de recherche…: Tous les fichiers
Recherche sur les archives…: marche
Limiter la profondeur de récursivité…: 20
Archive Smart Extensions…: marche
Heuristique de macrovirus…: marche
Heuristique fichier…: moyen
Catégories de dangers divergentes…: +APPL,+GAME,+JOKE,+PCK,+SPR,

Début de la recherche : lundi 5 octobre 2009 00:03

La recherche d’objets cachés commence.
‘31846’ objets ont été contrôlés, ‘0’ objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche ‘avscan.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘avcenter.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘SNSetup.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘PcfMgr.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘hpqtra08.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘batmgr.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘avgnt.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘hpwuSchd2.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘HKServ.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘JogServ2.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘qttask.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘WPN511.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘WZCSLDR2.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘LVCOMSX.EXE’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘explorer.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘svchost.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘avguard.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘alg.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘sched.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘spoolsv.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘svchost.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘svchost.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘svchost.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘svchost.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘lsass.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘services.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘winlogon.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘csrss.exe’ - ‘1’ module(s) sont contrôlés
Processus de recherche ‘smss.exe’ - ‘1’ module(s) sont contrôlés
‘29’ processus ont été contrôlés avec ‘29’ modules

La recherche sur les secteurs d’amorçage maître commence :
Secteur d’amorçage maître HD0
[INFO] Aucun virus trouvé !
Secteur d’amorçage maître HD1
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d’amorçage commence :
Secteur d’amorçage ‘C:’
[INFO] Aucun virus trouvé !
Secteur d’amorçage ‘D:’
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( ‘55’ fichiers).

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans ‘C:’
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d’ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\pagefile.sys
[AVERTISSEMENT] Impossible d’ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentieu.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFraudLoadedt7.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFraudLoadedt8.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
C:\System Volume Information_restore{6B84AF66-9D4D-4779-925A-33684A6DE442}\RP450\A0079282.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.39424.3
C:\WINDOWS\system32\TFTP1904
[RESULTAT] Le fichier est comprimé à l’aide d’un programme de compression inhabituel (PCK/YodaProt). Veuillez vérifier l’origine de ce fichier.
C:\WINDOWS\system32\TFTP296
[RESULTAT] Contient le modèle de détection du ver WORM/Rbot.TH
C:_OTM\MovedFiles\10042009_145950\WINDOWS\SYSTEM32\winrzc32.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.39424.3
Recherche débutant dans ‘D:’

Début de la désinfection :
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentieu.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4b37b504.qua’ !
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFraudLoadedt7.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4b37b505.qua’ !
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFraudLoadedt8.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4a690176.qua’ !
C:\System Volume Information_restore{6B84AF66-9D4D-4779-925A-33684A6DE442}\RP450\A0079282.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.39424.3
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4af9b4cc.qua’ !
C:\WINDOWS\system32\TFTP1904
[RESULTAT] Le fichier est comprimé à l’aide d’un programme de compression inhabituel (PCK/YodaProt). Veuillez vérifier l’origine de ce fichier.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4b1db4e2.qua’ !
C:\WINDOWS\system32\TFTP296
[RESULTAT] Contient le modèle de détection du ver WORM/Rbot.TH
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4a52b77b.qua’ !
C:_OTM\MovedFiles\10042009_145950\WINDOWS\SYSTEM32\winrzc32.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.39424.3
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom ‘4b37b506.qua’ !

Fin de la recherche : lundi 5 octobre 2009 10:55
Temps nécessaire: 1:54:47 Heure(s)

La recherche a été effectuée intégralement

3184 Les répertoires ont été contrôlés
307467 Des fichiers ont été contrôlés
4 Des virus ou programmes indésirables ont été trouvés
3 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
7 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
307458 Fichiers non infectés
5027 Les archives ont été contrôlées
2 Avertissements
9 Consignes
31846 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés

You were right, invisible things came out. Antivir put 8 objects in quarantine.
I hope your work day went well. As for me, I'm moving next week, 800 km away from Paris.
Thanks again for your help. It's really nice that passionate people lend a hand.
See you tonight. :wink:

@ +++

Hello again,

The program ran perfectly.
Here is the report:

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

–> Recherche:

C:\Combofix.txt: trouvé !
C:\TB.txt: trouvé !
C:\Qoobox: trouvé !
C:_OTM: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\grl\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\grl\Bureau\OTM.exe: trouvé !
C:\Documents and Settings\grl\Bureau\ToolBarSD.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !

I'm waiting for your instructions. For information, the processing was quick.

@ +++

Hi Jeanmimi,

First of all, I wanted to thank you for your help.
I followed your advice to the letter and my PC is behaving normally again.
I saw your site and am lucky to have received your assistance.
I am now on a limited account and use Firefox to browse.
The browsing speed is incomparable. On the other hand, I haven't managed to open a video on YouTube. I followed the tutorial to the letter and think it's because of a restriction. It also asks me to download Flash Player?

I still have a few pieces of advice to ask of you (if that isn't taking too much advantage of your availability): my PC is also slow at startup and when opening programs. I know it's no racehorse, even if it was one once, lol…

My hard drives are far from huge, as you pointed out…

I think this slowdown is probably due to that!!!
Through My Computer I tried to remove programs and free up space based on the last-used dates, and bam, I removed RealPlayer and now I no longer have the sound control in the bar at the bottom right.
Usually I play the Sunday amateur IT guy and fumble around, etc… But since your advice I would like to keep track of my PC's proper operation, the updates, etc…

How do I "purge" my PC of duplicates, triplicates, quadruplicates, etc…?
How do I select only the necessary programs at startup and free up power?
How, quite simply, do I optimize its performance, taking its venerable age into account of course?

I tried this:
Le nettoyage de disque calcule la quantité d’espace pouvant se libérer (C:). Cette opération peut nécessité quelques minutes avant de se terminer
In fact it lasted all night and nothing ever happened…

Then I tried this:

That did nothing

I then tried a defragmentation of C:, it did not start.

Thinking that a nasty virus might have gotten back in, I ran Antivir. No virus, but the scan took 2 hours 16 minutes 52 seconds for 304476 files!!!

How can I restore and reorganize my hard drives, which have endured my repeated assaults for 10 years, installing, uninstalling, often recklessly, etc…
For my part, I don't think I have any very large personal files?!

In short, a good check-up, doctor, the forty-something overhaul, lol

I'm not very available at the moment; don't hold it against me if I'm slow to reply over the next few days.

Thanks a lot, and if this is wearing on you, tell me and I'll understand.

@++++

:bounce:
