
Various problems and Hijack
Topic status: UNRESOLVED
evina
Posted on 27/04/2007 @ 09:13
Petite astucienne

127 posts

Hello,

For some time now I have been having a lot of trouble with Firefox and the internet: pop-ups keep appearing, slowness, crashes.....

Also, when I start my PC I now get a small window asking for my password. I do not enter a password because there isn't one, and it opens Windows anyway. When I try to install SP2 it tells me that my startup has been modified and so it refuses to install it.

Thank you for helping me. Below is a HijackThis report.

Note that I have run a lot of scans, including Ad-Aware, AVG, Spybot and a2 free.

Logfile of HijackThis v1.99.1
Scan saved at 8:53:26, on 27/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijacck\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tilto.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123314783550
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145081547115
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Thanks again

clbugnot  Posted on 27/04/2007 at 09:29
Maître astucien

13655 posts

Hello evina

This is a problem for the Security forum. Click the icon in the banner above your first post and ask the moderator to move your topic there.

While waiting for the transfer, do what is asked in this topic, in order, and post the AVG Anti-Spyware and HijackThis reports. A competent astucien(ne) will come to your aid.

cervent  Posted on 27/04/2007 at 09:53
Astucienne

1182 posts

Hello

evina, the first thing to do would be to update your version of IE via Windows Update

and clbugnot is entirely right: it is on this forum (Security) that you will find further answers if necessary

Cervent

le sioux  Posted on 27/04/2007 at 09:57
Security Group

5285 posts

Hello Clbugnot, evina

In addition to what Clbugnot asked of you, could you please create and then send another log needed for the "diagnosis":

Note: these steps must be carried out while logged in to a session with "Administrator" rights

BlackLight (by F-Secure)

Download BlackLight from the page:
https://europe.f-secure.com/blacklight/try.shtml
(click the blue "I accept" button, then "Download Blacklight Beta graphical user interface version")
Save the file to the Desktop.

Double-click the file fsbl.exe and accept the license (tick the button in front of "I accept the agreement").
Click Next, then Scan
Wait (up to 10 min).
During the scan, the list of folders being scanned is displayed.

When it finishes, the result is displayed.
Click Close
Do not choose option 2 "Cleaning/Rename" now: the report has to be analysed!

A report file named fsbl.2007xxxxxxx.log will have been created on the Desktop (the 2007xxxxxxx are digits), which you will send in your reply

along with the HijackThis log and the AVG Anti-Spyware 7.5 report

To be continued.

evina  Posted on 27/04/2007 at 10:45
Petite astucienne

127 posts

Hello and thank you for your replies.

Unfortunately I am not able to update IE, still because SP2 is not present.

I did the various steps, easy clean .....

Here are the two requested reports, HijackThis and BlackLight + Spyware Terminator:

Hijack

Logfile of HijackThis v1.99.1
Scan saved at 10:33:54, on 27/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\WINDOWS\System32\cidaemon.exe
C:\telechargement\fsbl.exe
C:\hijacck\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60308
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tilto.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60308
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60308
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60308
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60308
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123314783550
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145081547115
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B2AD148D-491C-4BF5-AE5F-B7A3C47C08B8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Spyware Terminator:


Spyware Terminator Version: 1.8.7.991
Start time: 27/04/2007 9:57:13
System: Windows XP
User: Limited

Processes Scan
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATOR.EXE [Crawler.com]

Startup Scan

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"MessengerPlus3" = "C:\PROGRAM FILES\MESSENGERPLUS! 3\MSGPLUS.EXE" [ Patchou ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"avast!" = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [ ALWIL Software ]
"UnlockerAssistant" = "C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE" [ Empty ]
"yrdpaafxjd" = "C:\WINDOWS\SYSTEM32\YRDPAAFXJD.EXE" [ Empty ]
"!AVG Anti-Spyware" = "C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\AVGAS.EXE" [ Anti-Malware Development a.s. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]

Toolbars Scan
Easy-WebPrint {327C2873-E90D-4c37-AA9D-10AC9BABA46C} [file not found]
&Crawler Toolbar {4B3803EA-5230-4DC3-A7FC-33638F3D3542} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]

Explorer Bars Scan
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [file not found]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [file not found]

BHO Scan
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} C:\Program Files\Crawler\Toolbar\ctbr.dll [Crawler.com]
SSVHelper Class {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\PROGRAM FILES\JAVA\JRE1.5.0_10\BIN\SSV.DLL [Sun Microsystems, Inc.]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [file not found]
Windows Live Sign-in Helper {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WINDOWS LIVE\WINDOWSLIVELOGIN.DLL [Microsoft Corporation]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [file not found]
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [file not found]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [file not found]
{85d1f590-48f4-11d9-9669-0800200c9a66} [file not found]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [file not found]
{FB5F1910-F110-11d2-BB9E-00C04F795683} [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} = Extension Affichage Panorama du Panneau de configuration (deskpan.dll) [file not found]
{88895560-9AA2-1069-930E-00AA0030EBC8} = Extension icône HyperTerminal (C:\WINDOWS\SYSTEM32\HTICONS.DLL) [Hilgraeve, Inc.]
{0DF44EAA-FF21-4412-828E-260A8728E7F1} = Barre des tâches et menu Démarrer () [file not found]
{7A9D77BD-5403-11d2-8785-2E0420524153} = Comptes d'utilisateurs () [file not found]
{E0D79304-84BE-11CE-9641-444553540000} = WinZip (C:\Program Files\WinZip\WZSHLSTB.DLL) [WinZip Computing, Inc.]
{E0D79305-84BE-11CE-9641-444553540000} = WinZip (C:\Program Files\WinZip\WZSHLSTB.DLL) [WinZip Computing, Inc.]
{E0D79306-84BE-11CE-9641-444553540000} = WinZip (C:\Program Files\WinZip\WZSHLSTB.DLL) [WinZip Computing, Inc.]
{E0D79307-84BE-11CE-9641-444553540000} = WinZip (C:\Program Files\WinZip\WZSHLSTB.DLL) [WinZip Computing, Inc.]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player (C:\PROGRAM FILES\REAL\REALPLAYER\RPSHELL.DLL) [RealNetworks, Inc.]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension (C:\PROGRAM FILES\WINRAR\RAREXT.DLL) [Empty]
{ED65AC21-B24F-11d3-BA80-00C0CA16AA37} = Siemens Device () [file not found]
{ED65AC22-B24F-11d3-BA80-00C0CA16AA37} = Siemens Device ContextMenuHandler () [file not found]
{ED65AC23-B24F-11d3-BA80-00C0CA16AA37} = Siemens SX1 PropertySheetHandler () [file not found]
{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL) [Microsoft Corporation]
{640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{cc86590a-b60a-48e6-996b-41d25ed39a1e} = Portable Media Devices Menu (C:\WINDOWS\SYSTEM32\AUDIODEV.DLL) [Microsoft Corporation]
{AB77609F-2178-4E6F-9C4B-44AC179D937A} = a² Context Menu Shell Extension () [file not found]
{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\MLSHEXT.DLL) [Microsoft Corporation]
{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler (C:\Program Files\Microsoft Office\OFFICE11\OLKFSTUB.DLL) [Microsoft Corporation]
{1530F7EE-5128-43BD-9977-84A4B0FAD7DF} = PhotoToys (C:\WINDOWS\SYSTEM32\PHOTOTOYS.DLL) [Microsoft Corporation]
{472083B0-C522-11CF-8763-00608CC02F24} = avast (C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSHELL.DLL) [ALWIL Software]
{32020A01-506E-484D-A2A8-BE3CF17601C3} = AlcoholShellEx (C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll) [Alcohol Soft Development Team]
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = UnlockerShellExtension (C:\PROGRAM FILES\UNLOCKER\UNLOCKERCOM.DLL) [Empty]
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} = Messenger Sharing Folders (C:\PROGRAM FILES\MSN MESSENGER\FSSHEXT.8.1.0178.00.DLL) [Microsoft Corporation]
{A155339D-CCCD-4714-85EB-3754B804C9DF} = a-squared Free Context Menu Shell Extension (C:\Program Files\a-squared Free\a2freecontmenu.dll) [Emsi Software GmbH]
{BD88A479-9623-4897-8546-BC62B9628F44} = SPTHandler (C:\PROGRAM FILES\SPYWARE TERMINATOR\SPTCONTMENU.DLL) [Crawler.com]

Services Scan
"a347bus" = C:\WINDOWS\SYSTEM32\DRIVERS\A347BUS.SYS [Empty]
"a347scsi" = C:\WINDOWS\SYSTEM32\DRIVERS\A347SCSI.SYS [Empty]
"actser" = C:\WINDOWS\SYSTEM32\DRIVERS\ACTSER.SYS [Siemens AG]
"ADILOADER" = C:\WINDOWS\SYSTEM32\DRIVERS\ADILDR.SYS [Analog Deivces]
"adiusbaw" = C:\WINDOWS\SYSTEM32\DRIVERS\ADIUSBAW.SYS [Analog Devices Inc.]
"Adobe LM Service" = C:\PROGRAM FILES\FICHIERS COMMUNS\ADOBE SYSTEMS SHARED\SERVICE\ADOBELMSVC.EXE [Empty]
"aswRdr" = C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS [ALWIL Software]
"aswUpdSv" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE [ALWIL Software]
"atapi" = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS [Empty]
"avast! Antivirus" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE [ALWIL Software]
"avast! Mail Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE [ALWIL Software]
"avast! Web Scanner" = C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE [ALWIL Software]
"AVG Anti-Spyware Driver" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS [Empty]
"AVG Anti-Spyware Guard" = C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE [Anti-Malware Development a.s.]
"AvgAsCln" = C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS [GRISOFT, s.r.o.]
"BlueletAudio" = C:\WINDOWS\SYSTEM32\DRIVERS\BLUELETAUDIO.SYS [IVT Corporation]
"BT" = C:\WINDOWS\SYSTEM32\DRIVERS\BTNETDRV.SYS [IVT Corporation]
"Btcsrusb" = C:\WINDOWS\SYSTEM32\DRIVERS\BTCUSB.SYS [IVT Corporation]
"BTHidEnum" = C:\WINDOWS\SYSTEM32\DRIVERS\VBTENUM.SYS [Empty]
"BTHidMgr" = C:\WINDOWS\SYSTEM32\DRIVERS\BTHIDMGR.SYS [IVT Corporation]
"BTNetFilter" = C:\WINDOWS\SYSTEM32\DRIVERS\BTNETFILTER.SYS [Empty]
"CoachUsb" = System32\DRIVERS\CoachUsb.sys [file not found]
"dmboot" = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS [Microsoft Corp., Veritas Software]
"dmio" = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS [Microsoft Corp., Veritas Software]
"dmload" = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS [Microsoft Corp., Veritas Software.]
"GEARAspiWDM" = C:\WINDOWS\SYSTEM32\DRIVERS\GEARASPIWDM.SYS [GEAR Software Inc.]
"GT680x" = C:\WINDOWS\SYSTEM32\DRIVERS\TR12389.SYS [Empty]
"HPZid412" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZID412.SYS [HP]
"HPZipr12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIPR12.SYS [HP]
"HPZius12" = C:\WINDOWS\SYSTEM32\DRIVERS\HPZIUS12.SYS [HP]
"IDriverT" = C:\PROGRAM FILES\FICHIERS COMMUNS\INSTALLSHIELD\DRIVER\11\INTEL 32\IDRIVERT.EXE [Macrovision Corporation]
"itchfltr" = C:\WINDOWS\SYSTEM32\DRIVERS\ITCHFLTR.SYS [Logitech, Inc.]
"L8042pr2" = C:\WINDOWS\SYSTEM32\DRIVERS\L8042PR2.SYS [Logitech, Inc.]
"LMouFlt2" = C:\WINDOWS\SYSTEM32\DRIVERS\LMOUFLT2.SYS [Logitech, Inc.]
"MaRdPnp" = C:\WINDOWS\SYSTEM32\DRIVERS\MARDP2K.SYS [Mobile Action Technology Inc.]
"MaVctrl" = C:\WINDOWS\SYSTEM32\DRIVERS\MAVC2K.SYS [Mobile Action Technology Inc.]
"pfc" = C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS [Padus, Inc.]
"Pml Driver HPZ12" = C:\WINDOWS\SYSTEM32\HPZIPM12.EXE [HP]
"PrecSim" = C:\WINDOWS\SYSTEM32\DRIVERS\PRECSIM.SYS [Engelmann GmbH]
"Ptilink" = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS [Parallel Technologies, Inc.]
"razerusb" = C:\WINDOWS\SYSTEM32\DRIVERS\RAZERUSB.SYS [Razer Inc.]
"Secdrv" = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS [Macrovision Europe Ltd]
"SiS315" = C:\WINDOWS\SYSTEM32\DRIVERS\SISGRP.SYS [Silicon Integrated Systems Corporation]
"SiS7012" = C:\WINDOWS\SYSTEM32\DRIVERS\SIS7012.SYS [Silicon Integrated Systems Corporation]
"sisagp" = C:\WINDOWS\SYSTEM32\DRIVERS\SISAGPX.SYS [Silicon Integrated Systems Corporation]
"SiSkp" = C:\WINDOWS\SYSTEM32\DRIVERS\SRVKP.SYS [Silicon Integrated Systems Corporation]
"SISNIC" = C:\WINDOWS\SYSTEM32\DRIVERS\SISNIC.SYS [SiS Corporation]
"SONYPVU1" = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS [Sony Corporation]
"ssm_bus" = C:\WINDOWS\SYSTEM32\DRIVERS\SSM_BUS.SYS [MCCI]
"ssm_mdfl" = C:\WINDOWS\SYSTEM32\DRIVERS\SSM_MDFL.SYS [MCCI]
"ssm_mdm" = C:\WINDOWS\SYSTEM32\DRIVERS\SSM_MDM.SYS [MCCI]
"UnlockerDriver5" = C:\PROGRAM FILES\UNLOCKER\UNLOCKERDRIVER5.SYS [Empty]
"usb2vcom" = C:\WINDOWS\SYSTEM32\DRIVERS\USB2VCOM.SYS [USB World Technology Inc. http://www.usbworld.net]
"VComm" = C:\WINDOWS\SYSTEM32\DRIVERS\VCOMM.SYS [IVT Corporation]
"VcommMgr" = C:\WINDOWS\SYSTEM32\DRIVERS\VCOMMMGR.SYS [IVT Corporation]

Protocol Filters Scan
Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (C:\WINDOWS\SYSTEM32\URLMON.DLL) [Microsoft Corporation]
text/xml = {807553E5-5146-11D5-A672-00B0D022E945} (C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSOXMLMF.DLL) [Microsoft Corporation]

Hosts Scan
LOCALHOST mapping = 89

IE Scan
IERESET.INF missing Signature="$CHICAGO$"
IERESET.INF missing AdvancedINF=2.5,"You need a new version of advpack.dll"
IERESET.INF missing AddReg=RestoreHomePage.reg
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL%
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","Provider",0,""
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
IERESET.INF missing HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/*"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8"
IERESET.INF missing HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9"
IERESET.INF missing HKCU,"Software\Microsoft\Internet Explorer\Main","AutoSearch"
IERESET.INF missing SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
IERESET.INF missing AddReg=RestoreBrowserSettings.reg
IERESET.INF missing DelReg=DeleteTemplates.reg or DelReg=DeleteTemplates.reg, DeleteAutosearch.reg
IERESET.INF missing START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or START_PAGE_URL="http://www.msn.com"
IERESET.INF missing SAFESITE_VALUE="http://home.microsoft.com/" or SAFESITE_VALUE="ie.search.msn.com"
IERESET.INF missing MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" or MS_START_PAGE_URL="http://www.msn.com"
TuneUp = file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css HIJACK WARNING!

and finally BlackLight:

Thanks

le sioux  Posted on 27/04/2007 at 10:47
Security Group

5285 posts

Hi there

Oops... BlackLight is missing, and AVG Anti-Spyware 7.5 would have been better than Spyware Terminator

See you later

Edited by le sioux on 27/04/2007 10:49
evina  Posted on 27/04/2007 at 10:50
Petite astucienne

127 posts

Yes, sorry, it didn't copy it and didn't put it on the desktop; I'm redoing it.

le sioux  Posted on 27/04/2007 at 10:52
Security Group

5285 posts

Hi again

OK, no problem, I'm looking at your HJT log; I'm waiting for your BlackLight report

See you later

le sioux  Posted on 27/04/2007 at 11:12
Security Group

5285 posts

Hi again

Your HJT log shows two adware programs, Backweb and Adware-CTBar (Crawler Toolbar)

I'm waiting for your BlackLight report

See you later

le sioux  Posted on 27/04/2007 at 11:13
Security Group

5285 posts

Hi again

Your HJT log shows two adware programs, Backweb and Adware-CTBar (Crawler Toolbar), but they are not the ones responsible for your pop-ups

I'm waiting for your BlackLight report

See you later

evina  Posted on 27/04/2007 at 11:33
Petite astucienne

127 posts

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 11:30:47 27/04/2007

+ Résultat de l'analyse:

:mozilla.9:C:\Documents and Settings\evinamy\Application Data\Mozilla\Firefox\Profiles\mys8znpv.evina\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.8:C:\Documents and Settings\evinamy\Application Data\Mozilla\Firefox\Profiles\mys8znpv.evina\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.


Fin du rapport

I can't manage to get a report for BlackLight

le sioux  Posted on 27/04/2007 at 11:40
Security Group

5285 posts

Hi again

---For BlackLight, the report is named fsbl.2007xxxxxxx.log (the xxxxxxx after 2007 are digits) and is on your desktop

---For AVG Anti-Spyware, you forgot to click "Apply all actions"

Look closely: "Aucune action entreprise" (no action taken).

Reminder:

Start AVG Anti-Spyware

Click the Scan button (in the toolbar)

-- Settings tab: under "How to react", click Recommended actions. Select Quarantine.

-- Scan tab: click Complete system scan.

At the end of the scan, choose option 3, "Apply all actions", at the bottom.

Click "Save report".

To be continued

Edited by le sioux on 27/04/2007 11:41
evina  Posted on 27/04/2007 at 11:44
Petite astucienne

127 posts

04/27/07 10:43:52 [Info]: BlackLight Engine 1.0.61 initialized
04/27/07 10:43:52 [Info]: OS: 5.1 build 2600 (Service Pack 1)
04/27/07 10:43:52 [Note]: 7019 4
04/27/07 10:43:52 [Note]: 7005 0
04/27/07 10:43:55 [Note]: 7006 0
04/27/07 10:43:55 [Note]: 7011 980
04/27/07 10:43:55 [Note]: 7026 0
04/27/07 10:43:56 [Note]: 7026 0
04/27/07 10:43:56 [Note]: 7024 3
04/27/07 10:43:56 [Info]: Hidden process: C:\windows\system32\yrdpaafxjd.exe
04/27/07 10:44:08 [Note]: FSRAW library version 1.7.1021
04/27/07 10:50:10 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd.dat
04/27/07 10:50:10 [Note]: 10002 1
04/27/07 10:50:10 [Info]: Hidden file: C:\windows\system32\yrdpaafxjd.exe
04/27/07 10:50:10 [Note]: 10002 1
04/27/07 10:50:11 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd_nav.dat
04/27/07 10:50:11 [Note]: 10002 1
04/27/07 10:50:12 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd_navps.dat
04/27/07 10:50:12 [Note]: 10002 1
04/27/07 11:02:52 [Note]: 7007 0

Here it is at last; it wasn't on the desktop but in the downloads folder. lol

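The BlackLight report above names a hidden process that also appears as a Run value in the Spyware Terminator startup scan posted earlier. The following is an added example, not part of the original thread, that automates that cross-check; the function names (`parse_blacklight`, `parse_startup`, `triage`) are hypothetical and the inputs are excerpts of the two reports.

```python
import ntpath
import re

# Excerpts copied from the two reports posted in this thread.
BLACKLIGHT_LOG = r"""
04/27/07 10:43:52 [Info]: BlackLight Engine 1.0.61 initialized
04/27/07 10:43:56 [Note]: 7024 3
04/27/07 10:43:56 [Info]: Hidden process: C:\windows\system32\yrdpaafxjd.exe
04/27/07 10:50:10 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd.dat
04/27/07 10:50:10 [Note]: 10002 1
04/27/07 10:50:10 [Info]: Hidden file: C:\windows\system32\yrdpaafxjd.exe
04/27/07 10:50:11 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd_nav.dat
04/27/07 10:50:12 [Info]: Hidden file: c:\WINDOWS\system32\yrdpaafxjd_navps.dat
"""

STARTUP_SCAN = r"""
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"MessengerPlus3" = "C:\PROGRAM FILES\MESSENGERPLUS! 3\MSGPLUS.EXE" [ Patchou ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"avast!" = "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [ ALWIL Software ]
"UnlockerAssistant" = "C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE" [ Empty ]
"yrdpaafxjd" = "C:\WINDOWS\SYSTEM32\YRDPAAFXJD.EXE" [ Empty ]
"!AVG Anti-Spyware" = "C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\AVGAS.EXE" [ Anti-Malware Development a.s. ]
"TkBellExe" = "C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE" [ RealNetworks, Inc. ]
"""

HIDDEN_RE = re.compile(r"\[Info\]: Hidden (process|file): (.+)$")
RUN_KEY_RE = re.compile(r"^(HKCU|HKLM)\\.+\\Run$", re.IGNORECASE)
ENTRY_RE = re.compile(r'^"([^"]+)" = "([^"]+)" \[ ?(.*?) ?\]$')


def parse_blacklight(text):
    """Map each hidden path (lower-cased) to the kinds it was reported as."""
    hidden = {}
    for line in text.splitlines():
        m = HIDDEN_RE.search(line.strip())
        if m:
            kind, path = m.group(1), m.group(2).strip().lower()
            hidden.setdefault(path, set()).add(kind)
    return hidden


def parse_startup(text):
    """Return the Run-key values listed under each registry key header."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        if RUN_KEY_RE.match(line):
            key = line
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            entries.append({"key": key, "name": m.group(1),
                            "image": m.group(2), "vendor": m.group(3)})
    return entries


def triage(blacklight_text, startup_text):
    """Flag autostart values whose image BlackLight reported as hidden."""
    hidden = parse_blacklight(blacklight_text)
    findings = []
    for entry in parse_startup(startup_text):
        image = entry["image"].lower()  # Windows paths are case-insensitive
        if image not in hidden:
            # An "Empty" vendor alone (e.g. UnlockerAssistant) is not flagged.
            continue
        folder = ntpath.dirname(image)
        stem = ntpath.splitext(ntpath.basename(image))[0]
        related = sorted(
            p for p in hidden
            if p != image
            and ntpath.dirname(p) == folder
            and ntpath.basename(p).startswith(stem)
        )
        findings.append({
            "key": entry["key"],
            "name": entry["name"],
            "image": image,
            "vendor": entry["vendor"],
            "hidden_as": sorted(hidden[image]),
            "related_hidden_files": related,
        })
    return findings


if __name__ == "__main__":
    for f in triage(BLACKLIGHT_LOG, STARTUP_SCAN):
        print(f["key"], f["name"], f["hidden_as"], f["related_hidden_files"])
```
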
le sioux  Posted on 27/04/2007 at 11:47
Security Group

5285 posts

Hi again

That's it, well done, I'm preparing a procedure for you

To be continued

le sioux  Posted on 27/04/2007 at 12:20
Security Group

5285 posts

Hi again

Note: I recommend saving this page by selecting all the lines and then copying the selection into a text file on your PC, so that you can apply the procedure correctly.
(Note: you will not have Internet access from the moment you restart in safe mode)

1) Download

----Brute Force Uninstaller (BFU).
http://www.merijn.org/files/bfu.zip
Unzip the archive into a folder reserved for it, for example C:\bfu
See N) http://forum.pcastuces.com/sujet.asp?f=25&s=3902

---- the EGDACCESS uninstall script (by Metallica)

(right-click on the link below):
http://metallica.geekstogo.com/EGDACCESS.bfu
"Save as" in the folder created earlier (C:\bfu).
Note: With Internet Explorer, when saving, you must choose "All files" for the "Type" field.

----Download the uninstall script software.bfu
http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu
Right-click
and choose "Save as" (in IE it is "Save link as..")
in order to download Winsoftware.bfu, Type "All files".
Save it in the folder you created (c:\BFU)

Warning:
The names of these last files must be EGDACCESS.bfu and Winsoftware.bfu
If they are named EGDACCESS.bfu.txt and Winsoftware.txt, you must rename them to .bfu.

----Download Navipromo.zip (by lazzzy)
http://www.alt-shift-return.org/Info/Fichiers/Navipromo073.zip
and unzip it on your desktop

2) Restart in safe mode
See D) http://forum.pcastuces.com/sujet.asp?f=25&s=3902
You will need to choose your usual session, not the "Administrator" account or another one.

3) Navipromo

Run the Navipromo.bat file located in the Navipromo folder on your desktop.

* Select the option "Recherche et suppression automatique" (automatic search and removal).

Be patient.
If it finds something, you will see lines scrolling in the command window, and after a few moments you will need to press a key to start the cleanup. When it has finished, close the report that opened

* Run the tool again, select the option "Suppression Heuristique" (heuristic removal), and wait a few minutes.
When it has finished, close the report that opened

4) BFU

----BFU, EGDACCESS
Start Brute Force Uninstaller by double-clicking BFU.exe
To the right of the "Scriptfile to execute" field, click the yellow icon showing an open folder.
In the window that opens, double-click EGDACCESS.bfu
Tick the box in front of "Show log after script ends"
Click Execute.
Wait for Complete script execution to appear and click OK.
Click Exit to close the program
Repeat once more

----BFU, Winsoftware
Start Brute Force Uninstaller again by double-clicking BFU.exe
To the right of the "Scriptfile to execute" field, click the yellow icon showing an open folder.
In the window that opens, double-click Winsoftware.bfu
Tick the box in front of "Show log after script ends"
Click Execute.
Wait for Complete script execution to appear and click OK
Click Exit to close the program
Repeat once more

5) Close all program windows.
Start HijackThis.
Tick the box in front of the lines below, then click Fix checked:

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

as well as all the O18 lines, except the 2 lines that follow

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: MSNim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

6) Go to Start -> Control Panel -> Internet Options

Click the "Content" tab, then the "Certificates" tab, and if you find any of these, in particular under "Trusted Publishers":

electronic-group - egroup - Montorgueil - VIP - "Sunny Day Design Ltd"

=> Delete them all

7) Start ---> Run ---> copy and paste this
regsvr32.exe /u "C:\Program Files\Crawler\Toolbar\ctbr.dll"

then confirm with OK

Browse to C/ProgramFiles/Crawler Toolbar/ctbr.dll

Locate and delete ctbr.dll

8) Run CCleaner

Cleaner tab / run the cleaner (twice in a row)

9) Restart in normal mode and post
the contents of the Navipromo.txt file located in My Computer > drive C:\... as well as a new HJT scan whose log you will post, and tell me whether your PC is doing better

Good luck, see you later



Edited by le sioux on 27/04/2007 13:07