Trojan downloader.istbar.ok

Solved
alex33610 Posts 37 Status Member -  
Kristopher Posts 3752 Status Contributor -
Hello, I am new here. Here is my problem: I have a Trojan horse, trojan downloader.istbar.ok, and the problem is that it is on my E: drive.
It is in e/recycler. However often I empty my recycle bin, temp files and Temporary Internet Files, it is still there. I did the same thing after first disabling System Restore, but I cannot manage to remove it. For information, I am on XP Pro with the BitDefender antivirus.
Please help me.
Thanks in advance

27 replies

Discussion summary

A Trojan Downloader ISTBar.OK is present on drive E and in the E:\RECYCLER folder, and survives emptying the recycle bin and disabling System Restore.
Several replies recommend analysing the logs with HijackThis and running an online scan, for example via Kaspersky Online Scanner, then dealing with the O18 entries and the associated components.
Tools such as BitDefender, Ewido and Panda report items that are infected or cannot be disinfected, which underlines the need for a multi-tool approach and manual removal of the malicious items.

Automatically generated by AI
based on the best answers
  1. Kristopher Posts 3752 Status Contributor 106
     
    Hello and welcome to CCM, alex33610 :)

    Carry out these steps in order:

    1/
    Download Ewido Security Suite and scan your PC with it: http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31851.html
    Copy and paste the report into the forum.

    2/
    Scan your PC with this online antivirus: http://www.pandasoftware.com/activescan/fr/activescan_principal.htm
    Copy and paste the report into the forum.

    3/ Download HijackThis: http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/29061.html
    - Install it in its own folder.
    For example, C:\HijackThis
    Choose the option "do a scan and a logfile"; it will generate a report for you, which you copy and paste into the forum.
    Watch the demo: http://pageperso.aol.fr/balltrap34/demohijack.htm

    Good luck :)

    ++
    0
    1. alex33610 Posts 37 Status Member
       
      Hello, and thanks again for helping me, that's cool for me.
      Here goes: I will first paste the report from my BitDefender antivirus, then the ewido report, then the Panda report and finally HijackThis.
      And thanks again for your help.

      BitDefender report:

      //-----------------------------------------------------------------
      //
      // Product: BitDefender 8 Professional Plus
      // Version: 8.0
      //
      // Créé le: 16/03/2006 13:02:41
      //
      //-----------------------------------------------------------------


      Statistiques

      Chemin cible: C:\
      D:\
      E:\
      G:\
      Dossiers : 3259
      Fichiers : 216618
      Archives : 2999
      Fichiers empaquetés : 19754
      Virus trouvés : 1
      Fichiers infectés : 1
      Alertes : 0
      Fichiers suspects : 0
      Fichiers désinfectés : 0
      Fichiers effacés : 0
      Fichiers copiés : 0
      Fichiers déplacés : 0
      Fichiers renommés : 0
      Erreurs I/O : 45
      Temps d'analyse := 01:32:04
      Fichiers/seconde :39

      Définitions virus : 321859
      Plugins d'analyse : 13
      Plugins archives : 39
      Plug-ins décompression : 4
      Plug-ins messagerie : 6
      Plug-ins système : 1

      Options d'analyse

      Détection
      [X] Analyser le secteur de boot
      [X] Analyser les archives
      [X] Analyser les fichiers en paquets
      [X] Analyser la messagerie

      Masque fichiers
      [ ] Programmes
      [X] Tous les fichiers
      [ ] Extensions définies par l'utilisateur:
      [ ] Exclure les extensions: ;

      Action

      Objets infectés
      [ ] Ignorer
      [X] Désinfecter
      [ ] Effacer
      [ ] Copier
      [ ] Déplacer dans le dossier infectés
      [ ] Renommer
      [ ] Demander l'action

      Seconde action
      [ ] Ignorer
      [ ] Effacer
      [ ] Copier
      [X] Déplacer dans le dossier infectés
      [ ] Renommer
      [ ] Demander l'action

      Options d'analyse
      [X] Activer les alertes
      [X] Activer l'heuristique
      [ ] Afficher tous les fichiers dans le journal
      [X] Fichier journal : vscan.log
      [ ] Rajouter au rapport existant

      Sommaire :

      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Infectés avec Trojan.Downloader.IstBar.OK
      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Désinfection impossible
      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Déplacement impossible

      ewido report:
      ---------------------------------------------------------
      ewido anti-malware - Rapport de scan
      ---------------------------------------------------------

      + Créé le: 14:15:12, 16/03/2006
      + Somme de contrôle: 9A94C617

      + Résultats du scan:

      C:\Documents and Settings\alex\Cookies\alex@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
      C:\Documents and Settings\alex\Cookies\alex@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
      C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
      C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
      C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder


      ::Fin du rapport

      Panda report:

      Incident Statut Analyse

      Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\alex\Cookies\alex@xiti[1].txt
      Virus:Eicar.Mod No Désinfecté C:\Program Files\Fichiers communs\Wise Installation Wizard\WISFA1B3B7A98D04F54B5557711A6E54544_4_2.MSI[HowCanITestDetection.html]
      Virus:Eicar.Mod No Désinfecté C:\Program Files\PestPatrol\Help.chm[HowCanITestDetection.html]
      Joke:Joke/Stress No Désinfecté D:\Mes Documents\Progs divers\reducteur de stress.exe
      Adware:Adware/IST.ISTBar No Désinfecté E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0[YSB_toolBar.exe]

      HijackThis report:
      Logfile of HijackThis v1.99.1
      Scan saved at 15:00:31, on 16/03/2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\logonui.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
      C:\program files\softwin\bitdefender8\bdnagent.exe
      E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      E:\CyberLink\PowerDVD\PDVDServ.exe
      C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
      C:\Program Files\Softwin\BitDefender8\bdswitch.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\System32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\CameraAssistant.exe
      C:\WINDOWS\System32\ElkCtrl.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      E:\Valve\Steam\Steam.exe
      E:\ewido anti-malware\ewidoctrl.exe
      E:\ewido anti-malware\ewidoguard.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      C:\Program Files\Softwin\BitDefender8\vsserv.exe
      c:\progra~1\softwin\bitdef~1\bdmcon.exe
      C:\WINDOWS\System32\rsvp.exe
      c:\progra~1\softwin\bitdef~1\bdlite.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\PROGRA~1\PESTPA~1\ppmemcheck.exe
      C:\PROGRA~1\PESTPA~1\cookiepatrol.exe
      C:\PROGRA~1\PESTPA~1\ppcontrol.exe
      D:\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
      O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
      O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender8\bdnagent.exe
      O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
      O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
      O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
      O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [RemoteControl] E:\CyberLink\PowerDVD\PDVDServ.exe
      O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
      O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
      O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
      O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
      O4 - HKLM\..\Run: [TrojanScanner] E:\Trojan Remover\Trjscan.exe
      O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [PcSync] E:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
      O4 - HKCU\..\Run: [NBJ] "E:\Nero\NEROBA~1\NBJ.exe"
      O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [Steam] "E:\Valve\Steam\Steam.exe" -silent
      O4 - Startup: PPControl.lnk = ?
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Picture Package Menu.lnk = E:\Picture Package Menu\SonyTray.exe
      O4 - Global Startup: Picture Package VCD Maker.lnk = ?
      O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
      O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03cef82229f6f5cfb919/netzip/RdxIE601_fr.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeFullInstaller.exe
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113684653749
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135077920843
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
      O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://ax.emsisoft.com/axscan.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/feeding_frenzy/SproutLauncher.cab
      O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
      O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O18 - Protocol: offline-8876480 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
      O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
      O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
      O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
      O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

      I await your replies, thanks in advance
      0
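Added example, not part of the thread and not code from HijackThis: a Python triage pass over a HijackThis log like the one posted above. It groups entries by section, collapses the repeated O18 protocol lines by handler, and lists entries that deserve a manual check. The sample lines are copied from the log above; the function names and review rules are this example's own assumptions, and a flag means "resolve and inspect the file", not "malicious".

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log posted above (a subset, for illustration).
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
O4 - HKCU\..\Run: [Steam] "E:\Valve\Steam\Steam.exe" -silent
O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

ENTRY = re.compile(r"^(?P<code>[RFNO]\d+) - (?P<body>.+)$")
O4 = re.compile(r"^(?P<loc>[^:]+): \[(?P<name>.+?)\] (?P<cmd>.+)$")
O18 = re.compile(
    r"^Protocol: (?P<scheme>\S+) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<file>.+)$"
)


def parse(log):
    """Return {section_code: [entry_body, ...]} for every recognised line."""
    sections = defaultdict(list)
    for raw in log.splitlines():
        m = ENTRY.match(raw.strip())
        if m:
            sections[m["code"]].append(m["body"])
    return dict(sections)


def collapse_protocols(bodies):
    """Group O18 entries by (CLSID, handler file) -> list of URL schemes."""
    groups = defaultdict(list)
    for body in bodies:
        m = O18.match(body)
        if m:
            groups[(m["clsid"], m["file"])].append(m["scheme"])
    return dict(groups)


def executable_token(cmd):
    """First token of an autostart command, honouring a leading quoted path."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    return cmd.split(None, 1)[0]


def appinit_dlls(body):
    """Unique DLL names listed in an O20 AppInit_DLLs entry."""
    _, _, value = body.partition("AppInit_DLLs:")
    return sorted(set(value.split()))


def review_items(sections):
    """Return (code, reason, body) tuples to check by hand (heuristics only)."""
    items = []
    for code, bodies in sections.items():
        for body in bodies:
            if "(file missing)" in body or "(no file)" in body:
                items.append((code, "registered target not found on disk", body))
            if code == "O4":
                m = O4.match(body)
                # No directory: Windows resolves the name through its search path.
                if m and "\\" not in executable_token(m["cmd"]):
                    items.append((code, "autostart command has no directory", body))
            if code == "O20" and appinit_dlls(body):
                items.append((code, "DLL loaded via AppInit_DLLs", body))
    return items


if __name__ == "__main__":
    secs = parse(SAMPLE_LOG)
    for (clsid, path), schemes in collapse_protocols(secs.get("O18", [])).items():
        print(f"O18 {clsid}: {len(schemes)} scheme(s) -> {path}")
    for code, reason, body in review_items(secs):
        print(f"[review] {code}: {reason}: {body}")
```
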
  2. alex33610 Messages postés 37 Statut Membre
     
    Bonjour et encore merci de m'aider c 'est cool pour moi.
    Voilà je vais d'abord te coller le rapport de mon antivirus Bitdefender,après le rapport ewidos,après le rapport de panda et pour finir Hijackthis.
    Et encore merci pour ton aide.

    rapport Bitdefender:

    //-----------------------------------------------------------------
    //
    // Product: BitDefender 8 Professional Plus
    // Version: 8.0
    //
    // Créé le: 16/03/2006 13:02:41
    //
    //-----------------------------------------------------------------

    Statistiques

    Chemin cible: C:\
    D:\
    E:\
    G:\
    Dossiers : 3259
    Fichiers : 216618
    Archives : 2999
    Fichiers empaquetés : 19754
    Virus trouvés : 1
    Fichiers infectés : 1
    Alertes : 0
    Fichiers suspects : 0
    Fichiers désinfectés : 0
    Fichiers effacés : 0
    Fichiers copiés : 0
    Fichiers déplacés : 0
    Fichiers renommés : 0
    Erreurs I/O : 45
    Temps d'analyse := 01:32:04
    Fichiers/seconde :39

    Définitions virus : 321859
    Plugins d'analyse : 13
    Plugins archives : 39
    Plug-ins décompression : 4
    Plug-ins messagerie : 6
    Plug-ins système : 1

    Options d'analyse

    Détection
    [X] Analyser le secteur de boot
    [X] Analyser les archives
    [X] Analyser les fichiers en paquets
    [X] Analyser la messagerie

    Masque fichiers
    [ ] Programmes
    [X] Tous les fichiers
    [ ] Extensions définies par l'utilisateur:
    [ ] Exclure les extensions: ;

    Action

    Objets infectés
    [ ] Ignorer
    [X] Désinfecter
    [ ] Effacer
    [ ] Copier
    [ ] Déplacer dans le dossier infectés
    [ ] Renommer
    [ ] Demander l'action

    Seconde action
    [ ] Ignorer
    [ ] Effacer
    [ ] Copier
    [X] Déplacer dans le dossier infectés
    [ ] Renommer
    [ ] Demander l'action

    Options d'analyse
    [X] Activer les alertes
    [X] Activer l'heuristique
    [ ] Afficher tous les fichiers dans le journal
    [X] Fichier journal : vscan.log
    [ ] Rajouter au rapport existant

    Sommaire :

    E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Infectés avec Trojan.Downloader.IstBar.OK
    E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Désinfection impossible
    E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0=>YSB_toolBar.exe=>(NSIS o)=>lzma_nsis0004 Déplacement impossible

    ewido report:
    ---------------------------------------------------------
    ewido anti-malware - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 14:15:12, 16/03/2006
    + Somme de contrôle: 9A94C617

    + Résultats du scan:

    C:\Documents and Settings\alex\Cookies\alex@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
    C:\Documents and Settings\alex\Cookies\alex@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
    C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
    C:\Program Files\PestPatrol\Quarantine\20060120130712.zip/Documents and Settings/alex/Cookies/alex@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder

    ::Fin du rapport

    Panda report:

    Incident Statut Analyse

    Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\alex\Cookies\alex@xiti[1].txt
    Virus:Eicar.Mod No Désinfecté C:\Program Files\Fichiers communs\Wise Installation Wizard\WISFA1B3B7A98D04F54B5557711A6E54544_4_2.MSI[HowCanITestDetection.html]
    Virus:Eicar.Mod No Désinfecté C:\Program Files\PestPatrol\Help.chm[HowCanITestDetection.html]
    Joke:Joke/Stress No Désinfecté D:\Mes Documents\Progs divers\reducteur de stress.exe
    Adware:Adware/IST.ISTBar No Désinfecté E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0[YSB_toolBar.exe]

    HijackThis report:
    Logfile of HijackThis v1.99.1
    Scan saved at 15:00:31, on 16/03/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
    C:\program files\softwin\bitdefender8\bdnagent.exe
    E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    E:\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\Softwin\BitDefender8\bdswitch.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\System32\ElkCtrl.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    E:\Valve\Steam\Steam.exe
    E:\ewido anti-malware\ewidoctrl.exe
    E:\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender8\vsserv.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\WINDOWS\System32\rsvp.exe
    c:\progra~1\softwin\bitdef~1\bdlite.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\PESTPA~1\ppmemcheck.exe
    C:\PROGRA~1\PESTPA~1\cookiepatrol.exe
    C:\PROGRA~1\PESTPA~1\ppcontrol.exe
    D:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
    O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender8\bdnagent.exe
    O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [RemoteControl] E:\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [TrojanScanner] E:\Trojan Remover\Trjscan.exe
    O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PcSync] E:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [NBJ] "E:\Nero\NEROBA~1\NBJ.exe"
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Steam] "E:\Valve\Steam\Steam.exe" -silent
    O4 - Startup: PPControl.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = E:\Picture Package Menu\SonyTray.exe
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03cef82229f6f5cfb919/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeFullInstaller.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113684653749
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135077920843
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://ax.emsisoft.com/axscan.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/feeding_frenzy/SproutLauncher.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
    O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    I'll wait for your replies, thanks in advance.
    0
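
An added example, not part of the original thread and not code from HijackThis: a Python triage pass over lines copied from the HijackThis log in the post above. The reasons it attaches are review heuristics assumed for this example, not verdicts, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log in the post above; this selection is
# constructed for the example (most of the O18 "bw.." rows are left out).
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
O4 - HKCU\..\Run: [Steam] "E:\Valve\Steam\Steam.exe" -silent
O4 - Startup: PPControl.lnk = ?
O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

LINE_RE = re.compile(r"^(?P<sec>[A-Z]\d+) - (?P<body>.+)$")
O4_REG_RE = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>.+?)\] (?P<cmd>.+)$")
O4_LNK_RE = re.compile(r"^(?:Global )?Startup: (?P<name>.+?) = (?P<target>.+)$")
O18_RE = re.compile(r"^Protocol: (?P<proto>\S+) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<dll>.+)$")
MISSING_RE = re.compile(r"\((?:file missing|no file)\)\s*$")


def program_token(cmd):
    """Program part of a command line: the quoted string, else the first token."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    return cmd.split()[0]


def triage(log_text):
    """Return (findings, o18_groups) for a HijackThis log given as text.

    findings:   entry -> list of reasons it deserves a manual look
    o18_groups: (CLSID, DLL) -> protocol names, collapsing repeated O18 rows
    """
    findings = defaultdict(list)
    autostart = defaultdict(list)   # (value name, command) -> O4 entries holding it
    o18_groups = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                # header lines, process list, blanks
        sec, body = m["sec"], m["body"]
        label = sec + " " + body
        if MISSING_RE.search(body):
            findings[label].append("references a file that is not on disk")
        if sec == "O4":
            reg = O4_REG_RE.match(body)
            lnk = O4_LNK_RE.match(body)
            if reg:
                autostart[(reg["name"], reg["cmd"])].append(label)
                if "\\" not in program_token(reg["cmd"]):
                    findings[label].append("bare file name, resolved through the search path")
            elif lnk and lnk["target"].strip() == "?":
                findings[label].append("startup shortcut with target shown as '?'")
        elif sec == "O18":
            p = O18_RE.match(body)
            if p:
                dll = MISSING_RE.sub("", p["dll"]).strip().strip('"')
                o18_groups[(p["clsid"].upper(), dll)].append(p["proto"])
        elif sec == "O20" and body.startswith("AppInit_DLLs:"):
            if body.split(":", 1)[1].strip():
                findings[label].append("AppInit_DLLs set: DLL loaded into every process that loads user32.dll")
    # Second pass: the same value name and command present under several keys.
    for labels in autostart.values():
        if len(labels) > 1:
            for label in labels:
                findings[label].append("same value registered under more than one autostart key")
    return dict(findings), dict(o18_groups)


if __name__ == "__main__":
    found, groups = triage(SAMPLE_LOG)
    for entry, reasons in found.items():
        print("REVIEW", entry, "|", "; ".join(reasons))
    for (clsid, dll), protos in groups.items():
        print("O18", len(protos), "protocol(s) ->", clsid, dll)
```

Grouping the O18 rows by CLSID and DLL reduces the long run of `bw..` protocol lines to a single handler to assess, and the bare-name check also flags `nwiz.exe`, so a flagged entry still needs a human decision.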
  3. Kristopher Posts 3752 Status Contributor 106
     
    Hi,

    What does E: correspond to?

    Is it your hard drive E:, your CD-ROM drive, or something else?

    ++
    0
    1. alex33610 Posts 37 Status Member
       
      It's a hard drive that only has my programs on it
      0
    2. alex33610 Posts 37 Status Member
       
      Thanks again for helping me, I hope we'll find something to eliminate this Trojan horse
      0
  4. alex33610 Posts 37 Status Member
     
    E is a partition where I keep my programs
    0
  6. alex33610 Posts 37 Status Member
     
    it's a hard one
    0
  7. Kristopher Posts 3752 Status Contributor 106
     
    Hi,

    "it's a hard one"

    It may well be a hard one (this trojan), but don't worry, we'll try to eradicate it ^^

    ~~ Follow my instructions in order: ~~

    1/ Show all files and folders:
    Click "Start" -> "Control Panel" -> "Tools" (at the very top) -> Folder Options... -> "View".

    Check: show hidden files and folders

    Uncheck the boxes:
    -hide protected operating system files (recommended)
    -hide extensions for known file types

    Click "Apply", then "OK"

    2/ Go to this path:
    E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0

    And delete the file in bold.

    Tell me whether you manage to. If not, I'll give you a special program to delete it :)

    ++
    0
    1. alex33610 Posts 37 Status Member
       
      Tell me, I do get to E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005, but there is nothing in the folder, there is no De5.RB0 folder
      0
    2. Kristopher Posts 3752 Status Contributor 106
       
      Hold on, I'm looking at your HijackThis log, you're definitely infected!
      0
      1. alex33610 Posts 37 Status Member > Kristopher Posts 3752 Status Contributor
         
        hi again, I don't know if you saw this:
        Panda report:

        Incident Statut Analyse

        Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\alex\Cookies\alex@xiti[1].txt
        Virus:Eicar.Mod No Désinfecté C:\Program Files\Fichiers communs\Wise Installation Wizard\WISFA1B3B7A98D04F54B5557711A6E54544_4_2.MSI[HowCanITestDetection.html]
        Virus:Eicar.Mod No Désinfecté C:\Program Files\PestPatrol\Help.chm[HowCanITestDetection.html]

        a quick question: I suppose I'm infected there too?

        maybe we'll get there; well, for now you're the one doing all the work, thanks again
        0
  8. Kristopher Posts 3752 Status Contributor 106
     
    Yeah, I saw.

    I'll post the procedure for you in a few minutes.

    Do this in the meantime:

    Download and clean your PC with these two programs:

    CCLEANER http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
    Tutorial here: http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
    CleanUp40
    http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
    Usage demo:
    http://pageperso.aol.fr/balltrap34/democleanup.htm

    ++
    0
  9. Kristopher Posts 3752 Status Contributor 106
     
    boom!

    Here's the procedure. :)

    ~~ Follow my instructions in order: ~~

    1/ Restart the PC in safe mode: tap the F8 key on your keyboard (or F5 depending on the Windows version) and choose safe mode.

    2/ Launch HijackThis, then -> Do a system scan only, and
    check these lines:

    O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
    O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
    O4 - Startup: PPControl.lnk = ?

    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03cef82229f6f5cfb919/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeFullInstaller.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113684653749
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135077920843
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://ax.emsisoft.com/axscan.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/feeding_frenzy/SproutLauncher.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

    O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    /!\ Be careful to check only the O18 entries I pointed out to you /!\

    Then click "Fix checked".

    3/ Go back to normal mode.

    4/ Click "Start" -> "Run…" and type "services.msc"

    Find this harmful service (in bold):

    O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)

    Double-click this service, then click "Stop" and set it to "Disabled".

    5/ Download CounterSpy from:

    http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/31393.html

    6/ Update the program, scan in Full System mode (the default) and delete whatever it finds (+ empty the quarantine if there are files in it).

    7/ After installing CounterSpy, go to:
    System Tools -> My PC Checkup -> Start -> Select everything -> Continue (it's the equivalent of Spybot's immunization, but beefier).

    8/ Post a new HijackThis log.

    I don't think it can get any more detailed than that :D

    Have fun ^^
    0
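An added example, not part of the original thread: a small Python triage helper that collapses the repeated O18 protocol-handler lines by CLSID and DLL, and lists O23 services whose owner is unknown or whose binary is missing, so a reviewer sees what is actually registered before ticking anything. The sample input is an excerpt of lines from the log above; the function names are this example's own, and the output is a review aid, not a verdict on any entry.

```python
import re
from collections import defaultdict

# Excerpt of HijackThis lines taken from the log in this thread (not the full log).
SAMPLE_LOG = r"""
O18 - Protocol: bw+0 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F145602C-E1E7-40C7-A4ED-D3BA92CE82C9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
"""

# O18 - Protocol: <scheme> - {CLSID} - <handler DLL>
O18_RE = re.compile(
    r"^O18 - Protocol: (?P<scheme>\S+) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)

# O23 - Service: <display name> (<service name>) - <owner> - <binary>[ (file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) - "
    r"(?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)


def parse_log(text):
    """Return (protocols, services) parsed from O18 and O23 lines; other lines are skipped."""
    protocols, services = [], []
    for raw in text.splitlines():
        line = raw.strip()
        m = O18_RE.match(line)
        if m:
            protocols.append(m.groupdict())
            continue
        m = O23_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["missing"] = entry["missing"] is not None
            services.append(entry)
    return protocols, services


def group_protocol_handlers(protocols):
    """Map (CLSID, DLL path) -> sorted list of URL schemes bound to that handler."""
    groups = defaultdict(list)
    for p in protocols:
        key = (p["clsid"].upper(), p["path"].lower())
        groups[key].append(p["scheme"])
    return {key: sorted(schemes) for key, schemes in groups.items()}


def services_to_review(services):
    """List (service name, binary path, reasons) for services worth a manual look."""
    flagged = []
    for s in services:
        reasons = []
        if s["owner"].lower() == "unknown owner":
            reasons.append("unknown owner")
        if s["missing"]:
            reasons.append("binary missing on disk")
        if reasons:
            flagged.append((s["name"], s["path"], reasons))
    return flagged


if __name__ == "__main__":
    protocols, services = parse_log(SAMPLE_LOG)
    for (clsid, dll), schemes in group_protocol_handlers(protocols).items():
        print(f"{len(schemes)} scheme(s) -> {clsid}\n    {dll}\n    {', '.join(schemes)}")
    for name, path, reasons in services_to_review(services):
        print(f"service {name}: {path} [{'; '.join(reasons)}]")
```
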
    1. alex33610 Posts 37 Status Member
       
      Thanks for your help, I'll do all that and get back to you, and thanks again
      0
    2. Kristopher Posts 3752 Status Contributor 106
       
      OK, sounds good :)

      You can copy/paste the procedure and print it, that will be simpler ^^
      0
      1. alex33610 Posts 37 Status Member > Kristopher Posts 3752 Status Contributor
         
        Hi, tell me, when I ran CleanUp, at the end a window opened and showed me this

        Windows File Protection:
        Files that are required for Windows to run have been replaced by files of an unrecognized version. To maintain system stability, Windows must restore the original versions of these files.

        Insert the Windows XP Professional CD-ROM now

        Retry Information Cancel


        Is it serious? What do I do?
        0
      2. Kristopher Posts 3752 Status Contributor 106 > Kristopher Posts 3752 Status Contributor
         
        Hi,

        I don't know what you did, but I had given you a link to a usage demo:
        http://pageperso.aol.fr/balltrap34/democleanup.htm

        It was essential not to change anything in the options!

        Try to improvise now: insert the Windows XP Professional CD-ROM and follow the steps.

        Tell us how it goes afterwards.
        0
      3. alex33610 Posts 37 Status Member > Kristopher Posts 3752 Status Contributor
         
        Hi, I did exactly as shown at the link you gave me. Do you want me to send you the report?
        0
  10. Kristopher Posts 3752 Status Contributor 106
     
    Send a HijackThis log after carrying out all the steps in post < 14 >, because we're not going to spend ages on this...

    ;-)
    0
    1. alex33610 Posts 37 Status Member
       
      OK, I'll do that right away, thanks for your patience
      0
  11. alex33610 Posts 37 Status Member
     
    I inserted the CD and the window went away. I'm attaching the report in case it's useful; I hope it's not serious

    CleanUp! started on 03/17/06 12:54:29.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\aol_fr_branding_background_image.gif.122482.1[1].gif - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[1] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[2] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[3] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[4] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[5] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[6] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\2B074T8F\dictionary[7] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\LNR7954E\democleanup[1].htm - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\LNR7954E\promos[2].js - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\SBO129A5\democleanup[1].swf - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\SBO129A5\dictionary[1] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\SBO129A5\dictionary[2] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\SBO129A5\dictionary[3] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\SBO129A5\ - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\VASVJ185\adsWrapper[1].js - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\VASVJ185\gros_logo.gif.1500003044.1[1].gif - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\WH0J0F4B\adsEnd[1].js - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\WH0J0F4B\dictionary[1] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\WH0J0F4B\dictionary[2] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\WH0J0F4B\dictionary[3] - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\WH0J0F4B\pixel[1].gif - deleted
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    http://pageperso.aol.fr/balltrap34/democleanup.swf - deleted
    http://pageperso.aol.fr/balltrap34/democleanup.htm - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=cliquez&langpair=en|fr&sig=62345014444&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=bouton&langpair=en|fr&sig=61839806186&hl=fr - deleted
    http://ar.atwola.com/file/adsWrapper.js - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=cocher&langpair=en|fr&sig=63732313770&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=la&langpair=en|fr&sig=6367721691&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=emplacement&langpair=en|fr&sig=6412982352&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=votre&langpair=en|fr&sig=62700676669&hl=fr - deleted
    http://ar.atwola.com/file/adsEnd.js - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=panneau&langpair=en|fr&sig=62205468051&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=aol&langpair=en|fr&sig=6649611246&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=suppression&langpair=en|fr&sig=62683399832&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=le&langpair=en|fr&sig=62304567262&hl=fr - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=supprimer&langpair=en|fr&sig=63818670180&hl=fr - deleted
    http://ht-brands.aol.com/PromoArt/gros_logo.gif.1500003044.1.gif - deleted
    http://hometown-art.aol.com/main/pixel.gif - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=pc&langpair=en|fr&sig=63754439844&hl=fr - deleted
    http://ht-brands.aol.com/promos.js?i=122047,122053 - deleted
    http://www.google.com/tbproxy/dictionary?sourceid=navclient&ie=UTF-8&oe=UTF-8&text=temps&langpair=en|fr&sig=6277337075&hl=fr - deleted
    http://ht-brands.aol.com/PromoArt/aol_fr_branding_background_image.gif.122482.1.gif - deleted
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\MSHist012005123020051231\index.dat - deleted
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\MSHist012005123020051231\ - deleted
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\MSHist012006031720060318\index.dat currently in use. Will be deleted when Windows is restarted.
    'Typed URLs' (Internet Explorer) - removed from the registry.
    Visited: alex@javascript:/ - deleted
    Visited: alex@http://fr.kelkoo.com/b2b/sitesearch/top3WaitingPage.jsp?partner=kelkoo&partnerId=8909897&param=eJw9j9FqgzAUhl_lV9506jlJmugglLF5URx1bLuXLI1t0KmkFjfIwy9K2dX5-h-OOXy4AwREACBAkDYucHysysNTfBxaq7YcEbf9YJ2-TNP4mKaTU7o1LgnzZE7D7asLQQ-fqe6sbvejxAyIiJSkOc0Zi86hYJzk0c118n5jnuek6ZVe9z4upmtS5SarO5Oo67h-ez_8SBQZBc6jytmz7WVZvJZVVX8W5b15Xt7JX3P15mcc3FQHD0IzrBEZMp4JygQVS2KcCQ7_X9JjkKYkJysA_sAPAH4V3izCm1UYE5FTKggv4p3vB-8HqYxZRA!!&searchId=export_1012381_1141468734737_114464760&url=merchantRedirect.jsp%3Fpartner%3Dkelkoo%26link%3Dhttp%253A%252F%252Ftracker.tradedoubler.com%252Fclick%253Fp%253D18027%2526a%253D393944%2526g%253D184629%2526url%253Dhttp%253A%252F%252Fwww.fnac.com%252FShelf%252Farticle.asp%253FPRID%253D1783066%2526Origin%253DKELKOO_TEK%2526OriginClick%253Dyes&catId=100020213 - deleted
    Visited: alex@http://pageperso.aol.fr/balltrap34/democleanup.htm - deleted
    Visited: alex@http://fe.lea.lycos.fr/event.ng/Type=click&FlightID=225356&AdID=478627&TargetID=73514&Segments=6,7,119,346,1737,1738,2755,2789,3223,3235,3727,5269,9254,13813,16045,16293,16540,16646,17034,17035,17036,17037,17238,17352,17554,18006,18124,18259,19111,19130,19549,19697,19818,20940,20963,21702,21817,21897,21929,23692,23753,25428,26322,26922,26923,27955,28077,28078,28375,29880,32100,32466,35637,38969,38971,38994,43361,44231,45295,47155,49889,50980,52076,53477,53935,53936,54083,54125,56021,56367,57041,57054,57120,57265,57494,57570,57844,58450,58573,58919,58920,59328,59398,59399,59529,59530&Targets=53050,55163,73514&Values=31,43,51,63,81,102,110,145,150,155,212,229,246,9497,9512,15682,16652,19141,24182,50784,63993,80522,87724,88070,90059,126641,366449,412823,412837,412864,412942,412954,412985,412987,412988,413004,521175,523532&RawValues=KEYWORDID%2Ctrojan%2520downloader.istbar.ok%2CKEYWORDID%2Ctrojan%2CKEYWORDID%2Cdownloader.istbar.ok&Redirect=http://adfarm.mediaplex.com/ad/ck/709-4893-3826-41?RedirectEnter&partner=32517&loc=http%3A//search%2Eebay%2Efr/search/search%2Edll%3FMfcISAPICommand%3DGetResult%26ht%3D1%26cgiurl%3Dhttp%253A%252F%252Fcgi%2Eebay%2Efr%252Fws%252F%26SortProperty%3DMetaEndSort%26shortcut%3D4%26maxRecordsReturned%3D300%26maxRecordsPerPage%3D50%26SortProperty%3DMetaEndSort%26ebaytag1code%3D71%26newu%3D1%26query%3Dtrojan downloader.istbar.ok - deleted
    Visited: alex@about:Home - deleted
    C:\Documents and Settings\alex\Cookies\alex@google[1].txt - deleted
    C:\Documents and Settings\alex\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    Cookie:alex@google.com/ - deleted
    C:\Documents and Settings\alex\Local Settings\Application Data\Identities\{7BD870E4-9877-4BE8-A6DC-523AF811767C}\Microsoft\Outlook Express\V.I.P.com.dbx - deleted
    C:\Documents and Settings\alex\Local Settings\Application Data\Identities\{7BD870E4-9877-4BE8-A6DC-523AF811767C}\Microsoft\Outlook Express\cleanup.log - deleted
    C:\Documents and Settings\alex\Local Settings\Application Data\Identities\{B7585A65-72E7-4ABF-BDFE-AD1B9A9561C7}\Microsoft\Outlook Express\cleanup.log - deleted
    C:\DOCUME~1\alex\LOCALS~1\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
    C:\DOCUME~1\alex\LOCALS~1\Temp\jusched.log - deleted
    C:\DOCUME~1\alex\LOCALS~1\Temp\MSIcc0f4.LOG - deleted
    C:\DOCUME~1\alex\LOCALS~1\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
    C:\WINDOWS\001234_.tmp - deleted
    C:\WINDOWS\SET3.tmp - deleted
    C:\WINDOWS\SET7.tmp - deleted
    C:\WINDOWS\temp\tmp000024ff\tmp00000000 currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\Default User\Cookies\index.dat - deleted
    C:\Documents and Settings\Default User\locals~1\tempor~1\Content.IE5\index.dat - deleted
    C:\Documents and Settings\alex\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\locals~1\tempor~1\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temp\IadHide5.dll currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\PGCJXTGD\affich-2147678-trojan-downloader-istbar-ok[1] currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\Administrateur\Cookies\index.dat - deleted
    C:\Documents and Settings\Administrateur\locals~1\tempor~1\Content.IE5\index.dat - deleted
    C:\WINDOWS\Prefetch\BDLITE.EXE-0CC92E28.pf - deleted
    C:\WINDOWS\Prefetch\BDLITE.EXE-26DF66D0.pf - deleted
    C:\WINDOWS\Prefetch\BDMCON.EXE-0F04C4F1.pf - deleted
    C:\WINDOWS\Prefetch\BDNEWS.EXE-282F7C41.pf - deleted
    C:\WINDOWS\Prefetch\BDSS.EXE-00372D30.pf - deleted
    C:\WINDOWS\Prefetch\CALEND~1.SCR-04C19830.pf - deleted
    C:\WINDOWS\Prefetch\CCLEANER.EXE-26B31E67.pf - deleted
    C:\WINDOWS\Prefetch\CLEANMGR.EXE-1F86EA8E.pf - deleted
    C:\WINDOWS\Prefetch\CLEANUP.EXE-10F167F3.pf - deleted
    C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf - deleted
    C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf - deleted
    C:\WINDOWS\Prefetch\EMULE.EXE-0656D942.pf - deleted
    C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf - deleted
    C:\WINDOWS\Prefetch\IDRIVER.EXE-342E2A76.pf - deleted
    C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf - deleted
    C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted
    C:\WINDOWS\Prefetch\JAVA.EXE-2427EF62.pf - deleted
    C:\WINDOWS\Prefetch\JUCHECK.EXE-197A10BB.pf - deleted
    C:\WINDOWS\Prefetch\Layout.ini - deleted
    C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf - deleted
    C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted
    C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf - deleted
    C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf - deleted
    C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf - deleted
    C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
    C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
    C:\WINDOWS\Prefetch\PPCONTROL.EXE-01540BCE.pf - deleted
    C:\WINDOWS\Prefetch\REALPLAY.EXE-00EF7A73.pf - deleted
    C:\WINDOWS\Prefetch\RUNDLL32.EXE-207199BC.pf - deleted
    C:\WINDOWS\Prefetch\RUNDLL32.EXE-26DA8C9B.pf - deleted
    C:\WINDOWS\Prefetch\RUNDLL32.EXE-4145C529.pf - deleted
    C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf - deleted
    C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
    C:\WINDOWS\Prefetch\UPGREPL.EXE-09CDC31E.pf - deleted
    C:\WINDOWS\Prefetch\VSSERV.EXE-04261B9B.pf - deleted
    C:\WINDOWS\Prefetch\WINAMP.EXE-0977E4F3.pf - deleted
    C:\WINDOWS\Prefetch\WINWORD.EXE-357D347C.pf - deleted
    C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
    C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA4.pf - deleted
    C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
    C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat - deleted
    C:\Documents and Settings\alex\Application Data\Adobe\FileBrowser\PhotoshopCS\index.dat - deleted
    C:\Documents and Settings\alex\Application Data\Google\GoogleEarth\myplaces.kml.tmp - deleted
    C:\Documents and Settings\alex\Application Data\Kazaa Lite\db\np.tmp - deleted
    C:\Documents and Settings\alex\Application Data\Microsoft\Address Book\alex.wa~ - deleted
    C:\Documents and Settings\alex\Application Data\Microsoft\Address Book\ALEXANDRE.wa~ - deleted
    C:\Documents and Settings\alex\Application Data\Microsoft\Office\Récents\~WRO0001.doc.lnk - deleted
    C:\Documents and Settings\alex\Application Data\Microsoft\Office\Récents\~WRO0705.doc.lnk - deleted
    C:\Documents and Settings\alex\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Historique\History.IE5\MSHist012006031720060318\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\alex\UserData\index.dat - deleted
    C:\Documents and Settings\All Users\Application Data\ISx1E.tmp - deleted
    C:\Documents and Settings\All Users\Application Data\ISx21.tmp - deleted
    C:\Documents and Settings\All Users\Application Data\ISx3A.tmp - deleted
    C:\Documents and Settings\All Users\Application Data\ISx43.tmp - deleted
    C:\Documents and Settings\All Users\Application Data\ISx56.tmp - deleted
    C:\Documents and Settings\All Users\DRM\DRMv1.bak - deleted
    C:\Documents and Settings\Default User\Local Settings\Historique\History.IE5\index.dat - deleted
    C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdc.ini.bak - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\clasid.bak - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\2ea7\UserProf.bak - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\2ea7\Stats.tmp - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\2eaa\UserProf.bak - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\2eaa\Stats.tmp - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\2eaa\10685e1b\_bw_info.tmp - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\7552\UserProf.bak - deleted
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\alex\Data\7552\Stats.tmp - deleted
    C:\WINDOWS\Help\wmplayer.bak - deleted
    C:\WINDOWS\inf\mplayer2.bak - deleted
    C:\WINDOWS\PCHEALTH\HELPCTR\Config\Cache\Professional_32_1036.dat.bak - deleted
    C:\WINDOWS\PCHEALTH\HELPCTR\OfflineCache\index.dat - deleted
    C:\WINDOWS\Resources\Themes\Luna\luna.msstyles - deleted
    C:\WINDOWS\security\edb.chk - deleted
    C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk - deleted
    C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\3057925866089dfbd20ab09ff71e90a4\BIT87.tmp - deleted
    C:\WINDOWS\system32\CONFIG.TMP - deleted
    C:\WINDOWS\system32\setb0.tmp - deleted
    C:\WINDOWS\system32\CatRoot2\edb.chk - deleted
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - deleted
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - deleted
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012005041620050417\index.dat - deleted
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
    C:\WINDOWS\system32\NtmsData\NTMSDATA.BAK - deleted
    C:\WINDOWS\system32\usmt\migwiz.exe.manifest - deleted
    D:\drmv2key.bak - deleted
    D:\Mes Documents\Emails et favoris\Emails\ALEXANDRE.wa~ - deleted
    D:\Mes Documents\Mariage\~WRL0001.tmp - deleted
    D:\Mes Documents\Mariage\Photos fredo\'05_04_22_01\DCIM\101MSDCF\DSC00004.JPG.bak - deleted
    D:\Mes Documents\Mariage\Photos fredo\'05_04_22_01\DCIM\101MSDCF\DSC00013.JPG.bak - deleted
    E:\Audacity\Fuenmayor.aup.bak - deleted
    E:\eChanblard\downloads.bak - deleted
    E:\eChanblard\config\clients.met.bak - deleted
    E:\eChanblard\config\eMule Light.tmpl - deleted
    E:\eChanblard\config\eMule.tmpl - deleted
    E:\eChanblard\Temp\001.part.met.bak - deleted
    E:\eChanblard\Temp\002.part.met.bak - deleted
    E:\eChanblard\Temp\003.part.met.bak - deleted
    E:\eChanblard\Temp\004.part.met.bak - deleted
    E:\Picture Package Applications\help\AutoVideo\Contents\Video_topics\images_video\SavF0.tmp - deleted
    'Run MRU' list - removed from the registry.
    Paint Recent File List - removed from the registry.
    WordPad Recent File List - removed from the registry.
    Telnet's MRU list - removed from the registry.
    CleanUp! 4.0 recovered 18.1 MB of disk space from 159 files.
    CleanUp! finished on 03/17/06 12:55:15.
    0
  12. Kristopher Posts 3752 Status Contributor 106
     
    ??
    0
    1. alex33610 Posts 37 Status Member
       
      Hello, sorry for not replying sooner, but yesterday afternoon I had a network problem with my ISP; they were modifying the exchange, so no internet. I really have no luck; I can't wait for everything to work properly. I hope I'm not asking too much, thanks again.
      Coming back to the last report: it was the CleanUp! one, for your information.
      By the way, yesterday I followed the procedure from post 14. After restarting in safe mode and launching HijackThis, I do find everything you pointed out except the O18 entries; I do have some, but not the ones you told me about. So should I still select these:
      O4 - HKLM\..\Run: [Windows Bootup] Systemwks32.exe
      O4 - HKLM\..\RunServices: [Windows Bootup] Systemwks32.exe
      O4 - Startup: PPControl.lnk = ?

      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/03cef82229f6f5cfb919/netzip/RdxIE601_fr.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/fr/win/QuickTimeFullInstaller.exe
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113684653749
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135077920843
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
      O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://ax.emsisoft.com/axscan.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/feeding_frenzy/SproutLauncher.cab
      O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

      And apply the rest of the post? Sorry again for taking up so much of your time.
      0
      1. Anonymous user > alex33610 Posts 37 Status Member
         
        Hi,

        Yes, then post a new HijackThis report as soon as that's done please, because it's getting impossible to follow .. :-/
        0
  13. Kristopher Posts 3752 Status Contributor 106
     
    Hi alex33610,

    I think you've had plenty of time to carry out all the steps. ;)

    As our friend boule confirmed, you can fix the indicated lines.

    Then, after making sure you've carried out all the steps (this is important), post a new HijackThis log so we can see things more clearly :)

    ++
    0
    1. alex33610 Posts 37 Status Member
       
      Hi, when I type services.msc I get to Services, but I can't find the one you pointed out. What do you want me to do?
      0
      1. alex33610 Posts 37 Status Member > alex33610 Posts 37 Status Member
         
        Got it, I found it, but it's already set to disabled.
        0
  14. alex33610 Posts 37 Status Member
     
    Here is the report after doing everything:
    Logfile of HijackThis v1.99.1
    Scan saved at 18:41:52, on 18/03/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
    C:\program files\softwin\bitdefender8\bdnagent.exe
    E:\ewido anti-malware\ewidoctrl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\Softwin\BitDefender8\bdswitch.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    E:\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\System32\ElkCtrl.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
    E:\Picture Package Menu\SonyTray.exe
    E:\Picture Package Applications\Residence.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Softwin\BitDefender8\vsserv.exe
    E:\Counterspy\sunThreatEngine.exe
    E:\Counterspy\SunProtectionServer.exe
    E:\Counterspy\SunServer.exe
    D:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
    O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender8\bdnagent.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunServer] E:\Counterspy\sunserver.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PcSync] E:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = E:\Picture Package Menu\SonyTray.exe
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O18 - Protocol: bw+0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
    O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  15. alex33610 Posts 37 Status Member
     
    Sorry, that was the wrong report; here is the right one, sorry again:
    Logfile of HijackThis v1.99.1
    Scan saved at 18:46:15, on 18/03/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
    C:\program files\softwin\bitdefender8\bdnagent.exe
    E:\ewido anti-malware\ewidoctrl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\Softwin\BitDefender8\bdswitch.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    E:\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\System32\ElkCtrl.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
    E:\Picture Package Menu\SonyTray.exe
    E:\Picture Package Applications\Residence.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Softwin\BitDefender8\vsserv.exe
    E:\Counterspy\sunThreatEngine.exe
    E:\Counterspy\SunProtectionServer.exe
    E:\Counterspy\SunServer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
    O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender8\bdnagent.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
    O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunServer] E:\Counterspy\sunserver.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PcSync] E:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = E:\Picture Package Menu\SonyTray.exe
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O18 - Protocol: bw+0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender8\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  16. Kristopher Posts 3752 Status Contributor 106
     
    Hi again,

    1/ Check and fix these lines:

    O18 - Protocol: bw+0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    O18 - Protocol: offline-8876480 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)

    2/ Do this:

    Show all files and folders:
    Click "Start" -> "Control Panel" -> "Tools" (at the very top) -> Folder Options... -> "View".

    Check: show hidden files and folders

    Uncheck the boxes:
    -hide protected operating system files (recommended)
    -hide extensions for known file types

    Click "Apply", then "OK"

    3/ If you find it, delete the file in bold:

    C:\WINDOWS\System32\hwclock.exe

    4/ Post a new HijackThis log.

    +++++++++++++
    0
    1. alex33610 Posts 37 Status Member
       
      It isn't there in C:\WINDOWS\System32\hwclock.exe
      Do you want me to look for something else?
      0
  17. Kristopher Posts 3752 Status Contributor 106
     
    Pfff, I analyzed the other report for nothing :-/

    You don't even know what you're pasting?!

    Well...

    See you
    0
    1. alex33610 Posts 37 Status Member
       
      Sorry, I'm getting a bit mixed up, my apologies again.
      0
  18. Kristopher Posts 3752 Status Contributor 106
     
    Hi again,

    You know, alex, analyzing a HijackThis log is very delicate and complicated.

    So if on top of that we're told it wasn't the right log and that another one will have to be analyzed... it's a bit annoying, you see.

    Basically, fix all the O18 entries except this one:

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    Next,

    Scan your PC with this online antivirus:
    http://www.kaspersky.com/virusscanner
    - Choose "Kaspersky Online Scanner"
    - Click "Accept" -> "Next" -> "My computer"
    - Let the scan run and copy/paste the report here (if infected)

    Try to do the job properly this time; the thread is getting long and tedious, a bit like the weather lately.

    See you
    0
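The selection described in the post above (every O18 entry except msnim), as an added example that is not part of the original thread: it parses HijackThis O18 lines, groups them by handler CLSID and DLL so the long list can be reviewed as a handful of handlers, and returns the protocol names left to fix. The function names and the `keep` parameter are assumptions made for this illustration; the sample lines are excerpted from the log posted in the thread.

```python
import re
from collections import defaultdict

# A few lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SunServer] E:\Counterspy\sunserver.exe
O18 - Protocol: bw+0 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {C3CA2373-78DA-48F0-B41D-B552401A083B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
"""

# Protocol names may themselves contain '+' or '-' (bw+0, bw-0s), so the name
# is matched lazily up to the " - {CLSID} - " separator.
O18_RE = re.compile(
    r"^O18 - Protocol: (?P<name>.+?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.+)$"
)
MISSING = "(file missing)"


def parse_o18(log):
    """Return one dict per O18 line: name, clsid, path, file_missing."""
    entries = []
    for raw in log.splitlines():
        m = O18_RE.match(raw.strip())
        if not m:
            continue  # other sections (O4, O20, O23, ...) are ignored here
        target = m.group("target").strip()
        missing = target.endswith(MISSING)
        if missing:
            target = target[: -len(MISSING)].rstrip()
        entries.append({
            "name": m.group("name"),
            "clsid": m.group("clsid").upper(),
            "path": target.strip('"'),
            "file_missing": missing,
        })
    return entries


def group_by_handler(entries):
    """Map (clsid, dll path) -> protocol names registered to that handler."""
    groups = defaultdict(list)
    for e in entries:
        groups[(e["clsid"], e["path"])].append(e["name"])
    return dict(groups)


def select_to_fix(entries, keep=("msnim",)):
    """Names of the O18 entries to fix: all of them except those in `keep`."""
    kept = {k.lower() for k in keep}
    return [e["name"] for e in entries if e["name"].lower() not in kept]


if __name__ == "__main__":
    parsed = parse_o18(SAMPLE_LOG)
    for (clsid, path), names in group_by_handler(parsed).items():
        print(f"{len(names):3d} protocol(s) -> {clsid} {path}")
    print("to fix:", ", ".join(select_to_fix(parsed)))
```
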
    1. alex33610 Posts 37 Status Member
       
      Here is the report; it's still there, too bad for me. I'm pasting it for you, here it is:
      KASPERSKY ON-LINE SCANNER REPORT
      Saturday, March 18, 2006 8:21:19 PM
      Operating System: Microsoft Windows XP Professional, (Build 2600)
      Kaspersky On-line Scanner version: 5.0.78.0
      Kaspersky Anti-Virus database last update: 18/03/2006
      Kaspersky Anti-Virus database records: 171726


      Scan Settings
      Scan using the following antivirus database standard
      Scan Archives true
      Scan Mail Bases true

      Scan Target My Computer
      A:\
      C:\
      D:\
      E:\
      F:\
      G:\

      Scan Statistics
      Total number of scanned objects 43953
      Number of viruses found 1
      Number of infected objects 3
      Number of suspicious objects 0
      Duration of the scan process 00:52:30

      Infected Object Name Virus Name Last Action
      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0/YSB_toolBar.exe/stream Infected: Trojan-Downloader.Win32.IstBar.no skipped

      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0/YSB_toolBar.exe Infected: Trojan-Downloader.Win32.IstBar.no skipped

      E:\RECYCLER\S-1-5-21-1060284298-796845957-725345543-1005\De5.RB0 ZIP: infected - 2 skipped

      Scan process completed.
      0
  19. Kristopher Posts 3752 Status Contributor 106
     
    Hi,

    I admit, this trojan is a tough one :D

    After updating CounterSpy, scan your PC with it in Full System mode (very important) and copy/paste the report, please.

    If you can't copy/paste the report, take a screenshot and send us the image.

    You can do that through this site:
    http://cjoint.com/

    All the best ^^
    0
    1. alex33610 Posts 37 Status Member
       
      Hi, how do you manage to display and copy the report?
      0
      1. alex33610 Posts 37 Status Member > alex33610 Posts 37 Status Member
         
        Here is the report:
        Spyware Scan Details
        Start Date: 18/03/2006 21:37:08
        End Date: 18/03/2006 22:03:59
        Total Time: 26 mins 51 secs

        Detected spyware

        Accoona.Toolbar Toolbar more information...
        Details: The Accoona Toolbar is a Internet Explorer toolbar that is bundled and installed with other programs.
        Status: Ignored

        Infected files detected
        E:\FreeBrowser\FreeBrowser\KILL.EXE


        Advertbar Adware more information...
        Details: Advertbar is a set of programs, which includes the MessageMates software from Adtools, Inc. These small advertising Windows programs have various characters that display across the screen, such as the animals from "Ice Age," the animated movie.
        Status: Ignored

        Infected registry entries detected
        HKEY_CURRENT_USER\Software\AdTools, Inc.
        HKEY_CURRENT_USER\Software\AdTools, Inc.\adpuller data1 1
        HKEY_CURRENT_USER\Software\AdTools, Inc.\Connection Installed 1
        HKEY_CURRENT_USER\Software\AdTools, Inc.\Temp Dir C:\DOCUME~1\alex\LOCALS~1\Temp\4D\
        HKEY_CURRENT_USER\Software\AdTools, Inc.\UserInfo Identifier ac96cb00-be77-44a7-bc75-def164203fed


        IST.PowerScan Adware more information...
        Details: PowerScan is advertised through in ordinary web pop-ups, but recently it started to install with help from the the ISTBar adware.
        Status: Ignored

        Infected registry entries detected
        HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main bandrest


        YourSiteBar Spyware more information...
        Details: YourSiteBar from IST, the makers of numerous spyware threats, is an affiliate based marketing toolbar.
        Status: Ignored

        Infected registry entries detected
        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main BandRest Never
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main BandRest Never


        Ajan 1.0 Cookie more information...
        Status: Ignored

        Infected cookies detected
        c:\documents and settings\alex\cookies\alex@xiti[1].txt

        That's it, I have to go, I work tomorrow morning at 4:00. I'll get back in touch with you, bye and thanks for everything you're doing.
        0
      2. Kristopher Posts 3752 Status Contributor 106 > alex33610 Posts 37 Status Member
         
        Hi again,

        LOL he he ^^

        When I said that installing a good program isn't enough and that you also need to know how to use it...

        As you may have noticed, it reads "Status: Ignored".

        That means the infections are being ignored...

        But to get rid of them, you obviously have to delete them (cf. 6/ in post < 14 >).

        So, carefully select the infections found and simply click "Remove".

        See you
        0
      3. alex33610 Posts 37 Status Member > Kristopher Posts 3752 Status Contributor
         
        Hi, ok, I'll redo it and delete them, run another one afterwards, and keep you posted.
        0
  20. alex33610 Posts 37 Status Member
     
    Here is the report after deleting them:
    Spyware Scan Details
    Start Date: 19/03/2006 11:45:14
    End Date: 19/03/2006 12:16:55
    Total Time: 31 mins 41 secs

    Detected spyware
    No spyware were found during this scan.
    0
  21. Kristopher Posts 3752 Status Contributor 106
     
    So where do things stand with your problems?
    0
    1. alex33610 Posts 37 Status Member
       
      Well, after the CounterSpy report I ran Kaspersky again; now I'm waiting for it to finish and I'll send you the report.
      0
      1. Kristopher Posts 3752 Status Contributor 106 > alex33610 Posts 37 Status Member
         
        ok man
        0