Sujet Précédent Sujet Suivant

Dialer.trojan

Pascal -  
 Pascal -
Bonjour,

Depuis 2 jours Norton me détecte 20 fois par jour un virus nommé dialer.trojan

Les fichiers repérés se trouvent à chaque fois dans Windows/Temp sous ce genre de nom idd15A.tmp.exe

Après maintes scans de Norton, Ad-Aware et ewido, il est toujours présent.

Je ne sais plus quoi faire, si vous pouviez m'aider...

Merci beaucoup

14 réponses

Réponse 1 / 14
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Lance ce scan en ligne:
http://www.bitdefender.fr/scan8/ie.html
Copie/colle le rapport

A+
0
Réponse 2 / 14
pascal
 
Merci beaucoup Regis pour ton aide

Je n'arrive pas à mettre le rapport sur le forum, ni sur le web il ne veut pas s'afficher entièrement, il y a trop de lignes je pense . Problème, il m'a détecté beaucoup de choses...

je t'affiche le début mais il y en a plein comme ça ...

-------------

C:\WINDOWS\Temp\win190.tmp.exe
Infecté par: Trojan.Klone.C
C:\WINDOWS\Temp\win190.tmp.exe
Echec de la désinfection
C:\WINDOWS\Temp\win190.tmp.exe
Echec de la suppression
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp=>(Quarantine-2)=>[Subject: Re: Re: Thanks!][Date: Wed, 26 Jul 2006 22:00:32 +0200]=>(MIME part)=>document.pif
Infecté par: Win32.Netsky.D@mm
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp=>(Quarantine-2)=>[Subject: Re: Re: Thanks!][Date: Wed, 26 Jul 2006 22:00:32 +0200]=>(MIME part)=>document.pif
Echec de la désinfection
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp=>(Quarantine-2)=>[Subject: Re: Re: Thanks!][Date: Wed, 26 Jul 2006 22:00:32 +0200]=>(MIME part)=>document.pif
Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp=>(Quarantine-2)=>[Subject: Re: Re: Thanks!][Date: Wed, 26 Jul 2006 22:00:32 +0200]=>(MIME part)
Mis à jour
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp=>(Quarantine-2)
Mis à jour
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60454544.tmp
Echec de la mise à jour
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp=>(Quarantine-2)=>[Subject: Re: Your letter][Date: Thu, 27 Jul 2006 11:06:16 +0200]=>(MIME part)=>your_letter.pif
Infecté par: Win32.Netsky.D@mm
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp=>(Quarantine-2)=>[Subject: Re: Your letter][Date: Thu, 27 Jul 2006 11:06:16 +0200]=>(MIME part)=>your_letter.pif
Echec de la désinfection
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp=>(Quarantine-2)=>[Subject: Re: Your letter][Date: Thu, 27 Jul 2006 11:06:16 +0200]=>(MIME part)=>your_letter.pif
Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp=>(Quarantine-2)=>[Subject: Re: Your letter][Date: Thu, 27 Jul 2006 11:06:16 +0200]=>(MIME part)
Mis à jour
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp=>(Quarantine-2)
Mis à jour
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7963530E.tmp
Echec de la mise à jour
C:\Documents and Settings\Domicile\Local Settings\Temporary Internet Files\Content.IE5\EAZNPW5A\srvnev[1].exe
Infecté par: Trojan.Klone.C
C:\Documents and Settings\Domicile\Local Settings\Temporary Internet Files\Content.IE5\EAZNPW5A\srvnev[1].exe
Echec de la désinfection
C:\Documents and Settings\Domicile\Local Settings\Temporary Internet Files\Content.IE5\EAZNPW5A\srvnev[1].exe
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059670.exe=>(Quarantine-2)
Infecté par: Trojan.Downloader.Zlob.TFE
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059670.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059670.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059672.pif=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059672.pif=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059672.pif=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059673.exe=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059673.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059673.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059674.pif=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059674.pif=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059674.pif=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059675.scr=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059675.scr=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059675.scr=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059676.pif=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059676.pif=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059676.pif=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059677.pif=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059677.pif=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059677.pif=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059678.com=>(Quarantine-2)
Infecté par: Win32.NetSky.C@mm
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059678.com=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059678.com=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059679.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059679.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059679.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059680.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059680.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059680.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059681.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059681.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059681.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059682.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059682.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059682.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059683.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059683.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059683.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059684.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059684.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059684.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059685.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059685.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059685.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059686.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059686.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059686.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059687.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059687.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059687.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059688.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059688.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059688.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059689.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059689.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059689.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059690.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059690.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059690.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059691.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059691.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059691.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059692.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059692.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059692.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059693.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059693.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059693.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059694.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059694.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059694.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059695.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059695.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059695.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059696.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059696.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059696.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059697.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059697.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059697.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059698.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059698.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059698.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059699.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059699.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059699.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059700.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059700.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059700.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059701.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059701.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059701.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059702.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059702.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059702.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059703.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059703.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059703.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059704.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059704.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059704.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059705.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059705.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059705.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059706.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059706.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059706.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059707.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059707.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059707.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059708.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059708.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059708.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059709.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059709.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059709.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059710.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059710.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059710.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059711.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059711.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059711.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059712.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059712.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059712.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059713.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059713.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059713.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059714.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059714.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059714.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059715.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059715.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059715.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059716.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059716.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059716.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059717.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059717.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059717.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059718.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059718.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059718.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059719.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059719.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059719.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059720.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059720.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059720.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059721.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059721.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059721.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059722.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059722.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059722.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059723.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059723.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059723.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059724.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059724.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059724.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059725.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059725.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059725.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059726.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059726.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059726.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059727.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059727.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059727.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059728.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059728.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059728.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059729.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059729.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059729.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059730.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059730.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059730.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059731.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059731.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059731.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059732.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059732.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059732.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059733.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059733.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059733.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059734.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059734.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059734.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059735.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059735.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059735.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059736.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059736.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059736.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059737.exe=>(Quarantine-2)
Infecté par: Win32.Worm.VB.Bacteria.B.Dam
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059737.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP326\A0059737.exe=>(Quarantine-2)
Supprimé
0
Réponse 3 / 14
Pascal
 
J'en ai encore pleins d'autres ça va jusqu'à 60437
0
Réponse 4 / 14
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Tant que ca? lol

Vide la quarantaine de norton:
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine << vide tout ce qu il y a dedans.

¤Désactive ta restauration système (uniquement si tu es sous XP):
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu coches la case « désactiver la restauration » et applique.

Puis,

¤Réactive ta restauration système (uniquement si tu es sous XP):
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu décoches la case « désactiver la restauration » et applique

Maintenant, relance un scan

A+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
Pascal
 
Donc j'ai fait ce que tu m'as dit et voilà le résultat

C:\WINDOWS\Temp\win198.tmp.exe
Infecté par: Trojan.Klone.C

C:\WINDOWS\Temp\win198.tmp.exe
Echec de la désinfection

C:\WINDOWS\Temp\win198.tmp.exe
Supprimé

C:\WINDOWS\Temp\win19B.tmp.exe
Infecté par: Trojan.Klone.C

C:\WINDOWS\Temp\win19B.tmp.exe
Echec de la désinfection

C:\WINDOWS\Temp\win19B.tmp.exe
Supprimé

C:\WINDOWS\Temp\win40.tmp.exe
Infecté par: Trojan.Klone.C

C:\WINDOWS\Temp\win40.tmp.exe
Echec de la désinfection

C:\WINDOWS\Temp\win40.tmp.exe
Supprimé

C:\WINDOWS\Temp\win47.tmp.exe
Infecté par: Trojan.Klone.C

C:\WINDOWS\Temp\win47.tmp.exe
Echec de la désinfection

C:\WINDOWS\Temp\win47.tmp.exe
Supprimé

C:\WINDOWS\Temp\win4A.tmp.exe
Infecté par: Trojan.Klone.C

C:\WINDOWS\Temp\win4A.tmp.exe
Echec de la désinfection

C:\WINDOWS\Temp\win4A.tmp.exe
Echec de la suppression

Pendant le scan norton me le détecte à nouveau, il est toujours là.

J'ai fait un scan mcafee en ligne et lui me donne ça

C:\WINDOWS\system32\winepi32.dll BackDoor-CVT
C:\WINDOWS\Temp\win66.tmp.exe Dialer-185
C:\WINDOWS\Temp\win6B.tmp.exe Dialer-185
C:\WINDOWS\Temp\win6F.tmp.exe Dialer-185
C:\WINDOWS\Temp\win4A.tmp.exe Dialer-185

quoi faire d'autre ? Merci d'avance
0
Réponse 6 / 14
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Re,

télécharge HijackThis ici:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Bon courage

A+
0
Réponse 7 / 14
pascal
 
le voici :

Logfile of HijackThis v1.99.1
Scan saved at 00:55:33, on 30/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Inventel\Gateway\WLANCFG.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsecure/md5auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: HotSync Manager.LNK = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://architectonica-nobilis.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.leaderphoto.com/uploaders/ImageUploader3.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4815/mcfscan.cab
O18 - Protocol: bw+0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: winepi32 - C:\WINDOWS\SYSTEM32\winepi32.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 8 / 14
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

lance un scan ewido et copie colle le rapport

a+
0
Réponse 9 / 14
Pascal
 
voilà le rapport Régis :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:13:58 30/07/2006

+ Scan result:

C:\Documents and Settings\Domicile\Cookies\domicile@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Domicile\Cookies\domicile@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Domicile\Cookies\domicile@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Domicile\Cookies\domicile@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Domicile\Cookies\domicile@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Domicile\Cookies\domicile@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.

::Report end
0
Utilisateur anonyme
 
Bonjour !

Bon, dans ton rapport d'Ewido, il y a écrit "no action taken", ce qui signifie que tu n'as pas correctement supprimé les cookies...

Donc, tu peux relancer un scan Ewido et cliquer sur "delete all" ou "supprimer tout", et tu reviens avec un scan propre !

Ça avancera Régis !

0
Réponse 10 / 14
Pascal
 
Si mais comme j'étais toujours conencté à internet ils reviennent.

J'ai fait un scan déconnecté et voilà :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:13:49 30/07/2006

+ Scan result:

Nothing found.

::Report end

--------------

donc je fais quoi maintenant Merci beaucoup
0
Réponse 11 / 14
Pouffpouff Messages postés 301 Statut Membre 6
 
B'jour

Tu peux relancer L'HT,
clik ==> do a scan on line
coche les lignes
clik "fix checked"

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://architectonica-nobilis.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.leaderphoto.com/uploaders/ImageUploader3.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4815/mcfscan.cab
O18 - Protocol: bw+0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {0F36A533-FA31-4801-BE32-6203A54AF73E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

refais un démarrage de ton pc -
recolle un HT

'voir

0
Réponse 12 / 14
Pascal
 
le voici :

Logfile of HijackThis v1.99.1
Scan saved at 13:21:30, on 30/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\palmOne\Hotsync.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\HijackThis.exe
C:\Program Files\Inventel\Gateway\WLANCFG.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsecure/md5auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: HotSync Manager.LNK = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O20 - Winlogon Notify: winepi32 - C:\WINDOWS\SYSTEM32\winepi32.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

et maintenant ?
0
Réponse 13 / 14
Pascal
 
bon ben merci les gars de m'avoir laisser tombé....

j'ai fini par trouver

j'ai fait un scan en ligne avec kaspersky il me trouvait les mêmes fichiers infectés.

J'ai installé killbox

j'ai redémarré en mode sans échec

j'ai ouvert killbox et j'ai supprimé mes fichiers

j'ai redémarré en mode normal j'ai refais un scan et plus rien !

et toujours rien depuis 18 h

pourvu que ça dure

Enfin, merci d'avoir essayé

-------------

si ça peut aider quelqu'un

dans killbox faut cocher "delete on reboot", chercher votre fichier et cliquer sur la croix blanche sur fond rouge (supprimer fichier)

Bon courage à tous
0
Utilisateur anonyme
 
Bonjour Pascal !

Personne ne t'a laissé tomber mais tu n'es pas le seul à demander, vois-tu !
De plus, il y a des bénévoles qui travaillent, d'autres qui prennent des vacances bien méritées !
Alors, pourquoi s'offusquer d'un jour ou 2 de retard quant aux réponses ?

Merci d'avoir indiqué la solution !

Bonne journée !
0
Réponse 14 / 14
Pascal
 
Bonjour,

C'est vraiment l'impression que j'ai eu désolé de ne pas avoir eu la patience...

Ce matin toujours pas de Trojan en vue. j'espère que la solution que j'ai trouvé pourra aider d'autres internautes.

Bonne journée
0