Trojan downlaoder de l'aide

Question

Voici une analyse faite avec Hijack.   Merci de me dire si des lignes sont a supprimer?CDT,Logfile of HijackThis v1.99.1Scan saved at 11:40:16, on 05/02/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeC:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeC:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\ASUS\Probe\AsusProb.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Logitech\iTouch\iTouch.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Fichiers communs\Real\Update_OBealsched.exeC:\Program Files\SlySoft\AnyDVD\AnyDVD.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\Logitech\ImageStudio\LogiTray.exeC:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exeC:\Program Files\D-Tools\daemon.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Fichiers communs\Symantec Shared\ccApp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\Logitech\Profiler\lwemon.exeC:\Program Files\Shareaza\Shareaza.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Logitech\MouseWare\system\em_exec.exeC:\Program Files\VlcOM\vlcom.exeC:\Program Files\Logitech\ImageStudio\LowLight.exeC:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEC:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\aylal\Bureau\HijackThis.exeC:\Program Files\Messenger\msmsgs.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuneo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exeO4 - HKLM\..\Run: [NVidia System Utility]

^^Marie^^ · Answer

Bonjour,Explique un peu ton problème...Es-tu sûr que ton log est complet ??A+

aylal · Answer

Bonjour,Je repose le log.J'ai fait une analyse avec Norton comme tous les vendredi soirs. Il m'indique qu'il a trouvé 2 virus Trojan et n'arrive pas a les supprimer. J'ai fais une analyse avec Ad-aware et pareil plusieurs virus dont certain mis en Quarantine par norton. Bref... j'ai passé ma soirée a parcourir les forums, a faire des analyse avec differents logiciel et telecharger des petits programmer pour supprimer ces trojan.Norton ne trouve plus rien. Kaspersky me trouve deux trojan: il s'agit de fichier mis en "Quarantine" par norton.  Je voudrai etre sur que tout est reglé.Voici de nouveau mon log:Logfile of HijackThis v1.99.1Scan saved at 12:03:50, on 05/02/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeC:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeC:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\ASUS\Probe\AsusProb.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Logitech\iTouch\iTouch.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Fichiers communs\Real\Update_OBealsched.exeC:\Program Files\SlySoft\AnyDVD\AnyDVD.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\Logitech\ImageStudio\LogiTray.exeC:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exeC:\Program Files\D-Tools\daemon.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Fichiers communs\Symantec Shared\ccApp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\Logitech\Profiler\lwemon.exeC:\Program Files\Shareaza\Shareaza.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Logitech\MouseWare\system\em_exec.exeC:\Program Files\VlcOM\vlcom.exeC:\Program Files\Logitech\ImageStudio\LowLight.exeC:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEC:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Outlook Express\msimn.exeC:\Documents and Settings\aylal\Bureau\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuneo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exeO4 - HKLM\..\Run: [NVidia System Utility] "C:\Program Files\NVIDIA Corporation\NVIDIA System Utility\NVSystemUtility.exe" clearO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /ConsumerO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exeO4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.ExeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osbootO4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exeO4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEO4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exeO4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exeO4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFLO4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -uO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /autoO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /nouiO4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -trayO4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - Startup: vlcom.lnk = C:\Program Files\VlcOM\vlcom.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exeO4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Sam.lnk = ?O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cabO16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cabO16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://servicesv4.moviesystem.com/cabs/msway.cabO18 - Protocol: bw+0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw+0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: bwg0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwg0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: offline-8876480 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exeO23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeO23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEO23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeO23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

aylal · Answer

Bonjour, Je pose le log. J'ai fait une analyse avec Norton comme tous les vendredi soirs. Il m'indique qu'il a trouvé 2 virus Trojan et n'arrive pas a les supprimer. J'ai fais une analyse avec Ad-aware et pareil plusieurs virus dont certain mis en Quarantine par norton. Bref... j'ai passé ma soirée a parcourir les forums, a faire des analyse avec differents logiciel et telecharger des petits programmer pour supprimer ces trojan. Norton ne trouve plus rien. Kaspersky me trouve deux trojan: il s'agit de fichier mis en "Quarantine" par norton. Je voudrai etre sur que tout est reglé. Voici de nouveau mon log: Logfile of HijackThis v1.99.1 Scan saved at 12:03:50, on 05/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\Profiler\lwemon.exe C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\VlcOM\vlcom.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\aylal\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuneo.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [NVidia System Utility] "C:\Program Files\NVIDIA Corporation\NVIDIA System Utility\NVSystemUtility.exe" clear O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: vlcom.lnk = C:\Program Files\VlcOM\vlcom.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Sam.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://servicesv4.moviesystem.com/cabs/msway.cab O18 - Protocol: bw+0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Kristopher · Answer

Bonjour aylal,

Pourquoi poster deux fois le même message ??

Tu es toujours infecté (entre autres par le Ver Gaobot.BC) :

- Télécharge et scanne ton PC avec Ewido Security Suite : http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31851.html
Copie/colle le rapport sur le forum.

++

aylal · Answer

OK, merci. Voici le le resultat du log: (desolé pour les deux post)

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 15:40:05, 05/02/2006
+ Somme de contrôle: 904966A4

+ Résultats du scan:

C:\Documents and Settings\aylal\Application Data\Mercora\MercoraClient\Data\MyPictures.dat -> Spyware.Grokster : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@adtech[2].txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@atdmt[2].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@com[2].txt -> Spyware.Cookie.Com : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@fl01.ct2.comclick[2].txt -> Spyware.Cookie.Comclick : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@weborama[2].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@wreport.weborama[1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Cookies\aylal@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\aylal\Mes documents\Downloads\Actinic 7 (Developer-Business-Catalog) Full With Crack.zip/Actinic 7/CRACK/Launch Catalog.exe -> Not-A-Virus.Joke.VB.k : Nettoyer et sauvegarder
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : Nettoyer et sauvegarder

::Fin du rapport

Merci pour l'analyse et conseils

aylal · Answer

Voici de nouveau le log, merci pour toute l'aide que vous m'apportez.Logfile of HijackThis v1.99.1Scan saved at 15:55:19, on 05/02/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeC:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeC:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\ASUS\Probe\AsusProb.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Logitech\iTouch\iTouch.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Fichiers communs\Real\Update_OBealsched.exeC:\Program Files\SlySoft\AnyDVD\AnyDVD.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\Logitech\ImageStudio\LogiTray.exeC:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exeC:\Program Files\D-Tools\daemon.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Fichiers communs\Symantec Shared\ccApp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\Logitech\Profiler\lwemon.exeC:\Program Files\Shareaza\Shareaza.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Logitech\MouseWare\system\em_exec.exeC:\Program Files\VlcOM\vlcom.exeC:\Program Files\Logitech\ImageStudio\LowLight.exeC:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEC:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\ewido anti-malware\ewidoguard.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\Messenger\msmsgs.exeC:\Documents and Settings\aylal\Bureau\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuneo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exeO4 - HKLM\..\Run: [NVidia System Utility] "C:\Program Files\NVIDIA Corporation\NVIDIA System Utility\NVSystemUtility.exe" clearO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /ConsumerO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exeO4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.ExeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osbootO4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exeO4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEO4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exeO4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exeO4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFLO4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -uO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /autoO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /nouiO4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -trayO4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - Startup: vlcom.lnk = C:\Program Files\VlcOM\vlcom.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exeO4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Sam.lnk = ?O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cabO16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cabO16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://servicesv4.moviesystem.com/cabs/msway.cabO18 - Protocol: bw+0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw+0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: bwg0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwg0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: offline-8876480 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exeO23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exeO23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeO23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEO23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeO23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

aylal · Answer

Je suis en train de faire une passe avec Kaspersky, je vais poster le log dans un instant. Je crois qu'il reste encore des virus, peut certains mis par Norton en Quarantainea tout de suite

aylal · Answer

Voici le resultat de l'analyse avec Kaspersky. Comment supprimer ces virus qui sont detecter?

Cdt,

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, February 05, 2006 17:33:08
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 5/02/2006
Kaspersky Anti-Virus database records: 164305
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
H:\

Scan Statistics:
Total number of scanned objects: 54654
Number of viruses found: 4
Number of infected objects: 6
Number of suspicious objects: 0
Duration of the scan process: 3237 sec

Infected Object Name - Virus Name
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0135000E.exe Infected: Trojan-Downloader.Win32.IstBar.on
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2AE65308.tmp Infected: Trojan-Downloader.Win32.IstBar.nj
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\563A7BD5.tmp Infected: Email-Worm.Win32.VB.an
C:\Documents and Settings\aylal\Local Settings\Application Data\Identities\{672F7D57-E897-4632-A563-BE2E9D88DA32}\Microsoft\Outlook Express\Dossier de Norton AntiSpam.dbx/[From [Norton AntiSpam] Urgent Notification From BiIIing Department][Date Sun, 22 Jan 2006 01:08:48 +0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn
C:\Documents and Settings\aylal\Local Settings\Application Data\Identities\{672F7D57-E897-4632-A563-BE2E9D88DA32}\Microsoft\Outlook Express\Dossier de Norton AntiSpam.dbx/[From [Norton AntiSpam] Urgent Notification From BiIIing Department][Date Sun, 22 Jan 2006 01:08:48 +0600]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn
C:\Documents and Settings\aylal\Local Settings\Application Data\Identities\{672F7D57-E897-4632-A563-BE2E9D88DA32}\Microsoft\Outlook Express\Dossier de Norton AntiSpam.dbx Infected: Trojan-Spy.HTML.Bayfraud.hn

Scan process completed.

aylal · Answer

Voici le resultat de l'analyse avec Panda:

Incident Statut Analyse

Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\aylal\Bureau\Nouveau dossier\Process.exe
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\aylal\Cookies\aylal@weborama[2].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\aylal\Cookies\aylal@xiti[1].txt
Adware:Adware/IST.SaferScan No Désinfecté C:\Program Files\SaferScan\uninstall.exe
Adware:Adware/WinTools No Désinfecté C:\WINDOWS\system32\grwinsthlp.exe
Adware:adware/wupd No Désinfecté C:\WINDOWS\system32\ide21201.vxd

aylal · Answer

Ok, c'est fait sauf que le fichier ide212101.vxd est introuvable.Voici le denier log:Merci de me dire quelques lignes sont encore suspectes?Logfile of HijackThis v1.99.1Scan saved at 20:50:38, on 05/02/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeC:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeC:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeC:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\ASUS\Probe\AsusProb.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Logitech\iTouch\iTouch.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Fichiers communs\Real\Update_OBealsched.exeC:\Program Files\SlySoft\AnyDVD\AnyDVD.exeC:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEC:\Program Files\Logitech\ImageStudio\LogiTray.exeC:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exeC:\Program Files\D-Tools\daemon.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Fichiers communs\Symantec Shared\ccApp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\Logitech\Profiler\lwemon.exeC:\Program Files\Shareaza\Shareaza.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Logitech\MouseWare\system\em_exec.exeC:\Program Files\VlcOM\vlcom.exeC:\Program Files\Logitech\ImageStudio\LowLight.exeC:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\Program Files\ewido anti-malware\ewidoguard.exeC:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Messenger\msmsgs.exeC:\Documents and Settings\aylal\Bureau\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuneo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exeO4 - HKLM\..\Run: [NVidia System Utility] "C:\Program Files\NVIDIA Corporation\NVIDIA System Utility\NVSystemUtility.exe" clearO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /ConsumerO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exeO4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.ExeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osbootO4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exeO4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXEO4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exeO4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exeO4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFLO4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -uO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /nouiO4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -trayO4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - Startup: vlcom.lnk = C:\Program Files\VlcOM\vlcom.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exeO4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Sam.lnk = ?O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cabO16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cabO16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://servicesv4.moviesystem.com/cabs/msway.cabO18 - Protocol: bw+0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw+0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw-0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw00s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw10s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw20s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw30s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw40s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw50s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw60s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw70s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw80s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bw90s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwa0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwb0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwc0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwd0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwe0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwf0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: bwg0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwg0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwh0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwi0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwj0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwk0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwl0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwm0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwn0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwo0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwp0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwq0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwr0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bws0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwt0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwu0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwv0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bww0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwx0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwy0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: bwz0s - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO18 - Protocol: offline-8876480 - {E633018B-F4F4-40C9-B765-6A44A812E0D1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dllO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXEO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exeO23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exeO23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exeO23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXEO23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exeO23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exeO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

aylal · Answer

Bonsoir,

Voici un log fait avec Kaspersky. Je souhaite savoir comment supprimer ces virus:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, February 05, 2006 22:04:12
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 5/02/2006
Kaspersky Anti-Virus database records: 164341
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
H:\

Scan Statistics:
Total number of scanned objects: 55901
Number of viruses found: 3
Number of infected objects: 3
Number of suspicious objects: 0
Duration of the scan process: 3362 sec

Infected Object Name - Virus Name
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0135000E.exe Infected: Trojan-Downloader.Win32.IstBar.on
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2AE65308.tmp Infected: Trojan-Downloader.Win32.IstBar.nj
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\563A7BD5.tmp Infected: Email-Worm.Win32.VB.an

Scan process completed.

aylal · Answer

merci a tous le pb est reglé

Trojan downlaoder de l'aide

12 réponses

Votre réponse

Discussions similaires

Newsletters