Tom's Guide > Forum > Sécurité - Virus > scan avec ad aware RESOLU
scan avec ad aware RESOLU - Sécurité - Virus
TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Répondre
Mot :    Pseudo :           
 
Act@IDN   27-05-2006 à 22:45:40

bonsoir

j'ai fais un scan avec ad-aware et il me trouve 9 fichiers bizarres.

que dois-je faire?

merci


Ad-Aware SE Build 1.06r1
Logfile Created on:samedi 27 mai 2006 22:33:44
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R109 22.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
eSyndicate BHO(TAC index:6):1 total references
MRU List(TAC index:0):8 total references
Possible Browser Hijack attempt(TAC index:3):2 total references
SpywareStormer(TAC index:3):5 total references
Tracking Cookie(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


27-05-2006 22:33:44 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\FLORENT\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-4165640280-3644775489-3565114619-1007\software\microsoft\automap\10.0\findmru
Description : list of recently used find queries used in microsoft automap-based products


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-4165640280-3644775489-3565114619-1007\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-4165640280-3644775489-3565114619-1007\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-4165640280-3644775489-3565114619-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 452
ThreadCreationTime : 27-05-2006 17:34:28
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 500
ThreadCreationTime : 27-05-2006 17:34:29
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 524
ThreadCreationTime : 27-05-2006 17:34:30
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 568
ThreadCreationTime : 27-05-2006 17:34:31
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 580
ThreadCreationTime : 27-05-2006 17:34:31
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 744
ThreadCreationTime : 27-05-2006 17:34:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 27-05-2006 17:34:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 860
ThreadCreationTime : 27-05-2006 17:34:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 944
ThreadCreationTime : 27-05-2006 17:34:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 27-05-2006 17:34:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1184
ThreadCreationTime : 27-05-2006 17:34:35
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1344
ThreadCreationTime : 27-05-2006 17:34:37
BasePriority : Normal
FileVersion : 6.14.10.6085
ProductVersion : 6.14.10.6085
ProductName : NVIDIA Driver Helper Service, Version 60.85
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 60.85
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:13 [slserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1416
ThreadCreationTime : 27-05-2006 17:34:38
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1436
ThreadCreationTime : 27-05-2006 17:34:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:15 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1512
ThreadCreationTime : 27-05-2006 17:34:38
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:16 [xcommsvr.exe]
FilePath : C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\
ProcessID : 1588
ThreadCreationTime : 27-05-2006 17:34:38
BasePriority : Normal
FileVersion : 1, 8, 11, 0
ProductVersion : 1, 8, 11, 0
ProductName : Softwin BitDefender Communicator Server
CompanyName : Softwin
FileDescription : BitDefender Communicator Server
InternalName : XCOMMSVR
LegalCopyright : Copyright © 2003-2004 Softwin
OriginalFilename : xcommsvr.exe
Comments : Manages communication between BitDefender components

#:17 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1860
ThreadCreationTime : 27-05-2006 17:34:40
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:18 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 476
ThreadCreationTime : 27-05-2006 17:34:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:19 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 492
ThreadCreationTime : 27-05-2006 17:34:41
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe

#:20 [hpztsb09.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ProcessID : 648
ThreadCreationTime : 27-05-2006 17:34:41
BasePriority : Normal
FileVersion : 2.236.2.0
ProductVersion : 2.236.2.0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2003

#:21 [hpwuschd.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 584
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe

#:22 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ProcessID : 752
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 2.1.1
ProductVersion : 2.1.1
ProductName : hp coretech (COmponent REuse TECHnology)
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2003
OriginalFilename : HPCmpMgr.exe

#:23 [bdoesrv.exe]
FilePath : C:\Program Files\Softwin\BitDefender9\
ProcessID : 840
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 8, 1, 0, 0
ProductVersion : 8, 1, 0, 0
ProductName : Bitdefender 8
CompanyName : SOFTWIN SRL
FileDescription : bdoesrv application
InternalName : bdoesrv
LegalCopyright : © 2005 SOFTWIN S.R.L.
OriginalFilename : bdoesrv.exe

#:24 [bdnagent.exe]
FilePath : C:\progra~1\softwin\bitdef~1\
ProcessID : 852
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 0, 0, 0, 0
ProductName : BitDefender News Agent
CompanyName : SOFTWIN S.R.L
FileDescription : BitDefender News Agent
InternalName : News Agent
LegalCopyright : © 2005 SOFTWIN S.R.L.
OriginalFilename : BDNewsAgent.exe

#:25 [bdswitch.exe]
FilePath : C:\progra~1\softwin\bitdef~1\
ProcessID : 892
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal


#:26 [lvcomsx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 916
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 8.4.7.1036
ProductVersion : 8.4.7.1036
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : (c) 1996-2005 Logitech. All rights reserved.
OriginalFilename : LVComS.exe

#:27 [logitray.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 928
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 8.4.7.1034
ProductVersion : 8.4.7.1034
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : ImageStudio Tray Application
InternalName : LogiTray.exe
LegalCopyright : (c) 1996-2005 Logitech. All rights reserved.
OriginalFilename : LogiTray.exe

#:28 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 932
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal
FileVersion : 5.1.0.26
ProductVersion : 5.1.0.26
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2004 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:29 [googledesktop.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 960
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal


#:30 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
ProcessID : 1020
ThreadCreationTime : 27-05-2006 17:34:42
BasePriority : Normal


#:31 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1052
ThreadCreationTime : 27-05-2006 17:34:43
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:32 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1068
ThreadCreationTime : 27-05-2006 17:34:43
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:33 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 1088
ThreadCreationTime : 27-05-2006 17:34:43
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:34 [logitechdesktopmessenger.exe]
FilePath : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\
ProcessID : 1268
ThreadCreationTime : 27-05-2006 17:34:43
BasePriority : Normal
FileVersion : 2.30.04
ProductVersion : 2.30.04
ProductName : Logitech Desktop Messenger
CompanyName : Logitech
FileDescription : Logitech Desktop Messenger
InternalName : SyncExt
LegalCopyright : Copyright (C) Logitech 2000-2005. All rights reserved
OriginalFilename : SyncExt.dll
Comments : About:
www.logitech.com/ldm

Privacy Policy:
http://privacy.logitech.com

#:35 [googledesktopindex.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 1300
ThreadCreationTime : 27-05-2006 17:34:43
BasePriority : Normal


#:36 [fxsvr2.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 2336
ThreadCreationTime : 27-05-2006 17:34:48
BasePriority : Normal
FileVersion : 8.4.7.1034
ProductVersion : 8.4.7.1034
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : QuickCam Framework Server
InternalName : FxSvr.EXE
LegalCopyright : (c) 1996-2005 Logitech. All rights reserved.
OriginalFilename : FxSvr.EXE

#:37 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2612
ThreadCreationTime : 27-05-2006 17:34:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:38 [googledesktopdisplay.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 2640
ThreadCreationTime : 27-05-2006 17:34:51
BasePriority : Normal


#:39 [googledesktopcrawl.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 2764
ThreadCreationTime : 27-05-2006 17:34:53
BasePriority : Normal


#:40 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3200
ThreadCreationTime : 27-05-2006 17:34:57
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:41 [livesrv.exe]
FilePath : C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\
ProcessID : 1528
ThreadCreationTime : 27-05-2006 19:41:18
BasePriority : Normal
FileVersion : 9, 0, 0, 3
ProductVersion : 9, 0, 0, 0
ProductName : BitDefender 9
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : LiveSrv
LegalCopyright : © 2005 SOFTWIN S.R.L.
OriginalFilename : livesrv.exe

#:42 [bdss.exe]
FilePath : C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\
ProcessID : 1040
ThreadCreationTime : 27-05-2006 19:41:21
BasePriority : Normal


#:43 [vsserv.exe]
FilePath : C:\Program Files\Softwin\BitDefender9\
ProcessID : 3880
ThreadCreationTime : 27-05-2006 19:41:24
BasePriority : Normal
FileVersion : 9, 0, 0, 15
ProductVersion : 9, 0, 0, 15
ProductName : BitDefender 9
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : VSServ
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : vsserv.exe

#:44 [bdmcon.exe]
FilePath : c:\progra~1\softwin\bitdef~1\
ProcessID : 3824
ThreadCreationTime : 27-05-2006 19:41:27
BasePriority : Normal
FileVersion : 9, 0, 0, 7
ProductVersion : 9, 0, 0, 7
ProductName : BitDefender 9
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Management Console
InternalName : Management Console
LegalCopyright : © 2005 SOFTWIN S.R.L.
OriginalFilename : bdmcon.exe

#:45 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3336
ThreadCreationTime : 27-05-2006 20:32:33
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 8


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SpywareStormer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{205ff73b-ca67-11d5-99dd-444553540000}

SpywareStormer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{205ff73a-ca67-11d5-99dd-444553540000}

SpywareStormer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{205ff72e-ca67-11d5-99dd-444553540000}

eSyndicate BHO Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Malware
Comment : "navtime"
Rootkey : HKEY_USERS
Object : S-1-5-21-4165640280-3644775489-3565114619-1007\\software\livesvc
Value : navtime

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 12


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : {205FF73B-CA67-11D5-99DD-444553540000} (http://www.spywarestormer.com/files2/install.cab)

Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://www.spywarestormer.com/files2/install.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://www.spywarestormer.com/files2/install.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}
Value : Installer

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 14


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : florent@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:florent@mediaplex.com/
Expires : 22-06-2009 02:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 15



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 15




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SpywareStormer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : install.install

SpywareStormer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : install.install.1

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 17

22:40:58 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:14.469
Objects scanned:135287
Objects identified:9
Objects ignored:0
New critical objects:9


Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
freeman206   27-05-2006 à 22:55:00
- 0 +

Salut Act.

Pour te débarasser de tes trojan et autres malwares fais ceci :

I) Pour faire le ménage et accélerer l'ordinateur :


1) Télécharge Ccleaner, fais un log et supprime tous ce qu'il te trouve
Avec son Tuto explicatif


II) Vérification de l'ordinateur par des antivirus et anti malwares :


1) Télécharge Ewido mets le à jour et fais un scan en mode sans échec (tapote la touche F8 au démarage de ton ordinateur). Redémarre normalement et post le log.

2) Télécharge (qui nessecite un enregistrement sur le web). Fais un scan et supprime tous ce qu'il trouve.

3) Fais un scan antivirus en ligne Kaspersky; son tuto et post le rapport


III) Faire un log HijackThis :


** Télécharge HijackThis et clique sur "Do a system scan only". A la fin du scan fait "save log" et enregistre le sur ton bureau,post le ensuite en fesant un copier-coller

Répondre à freeman206
Bebeoix   27-05-2006 à 22:55:54
- 0 +

Si ad-aware te dectect sa , c'est pas pour rien.
Réfléchi si tu as installé ad-aware c'est pour enlever les spywares.
Par conclusion logique tu suprimes tout !

Répondre à Bebeoix
freeman206   27-05-2006 à 23:02:01
- 0 +

Aaaaaaaaaaaaaaaaaaaa..... Tu voulais savoir que faire avec ad aware. Ba oui comme te le dit Bebeoix supprime tout et efface définitivement ensuite tous les objets qui se trouvent dans la quarantaine.

Répondre à freeman206
Act@IDN   28-05-2006 à 00:19:09
- 0 +

bonsoir, aprés le cleaner voici le rapport ewido en mode sans echec
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 00:10:50, 28/05/2006
+ Somme de contrôle: A4224B5B

+ Résultats du scan:

Pas de fichiers infectés trouvés!


::Fin du rapport

la suite demain. merci

Répondre à Act@IDN
freeman206   28-05-2006 à 11:27:38
- 0 +

Bonjour Act.

Ewido ne t'as rien trouvé, fais le scan avec A² pour être sur qu'il n'y est aucun malware sur ton ordinateur.

PS: Ad aware te trouve-t-il encore des fichiers infectieux ?

Répondre à freeman206
Act@IDN   28-05-2006 à 19:04:30
- 0 +

bonjour freeman,

pour répondre a ta question, ad-aware ne me trouve plus rien et A2 m'a supprimé mes 9 malwares.

je continue la suite de la procédure.

merci

Répondre à Act@IDN
Act@IDN   28-05-2006 à 20:12:32
- 0 +

bonsoir,

le scanner avec kaspersky on line ne trouve rien.
voici le rapport hijackthis
merci


Logfile of HijackThis v1.99.1
Scan saved at 20:10:21, on 28/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\FLORENT\Local Settings\Temporary Internet Files\Content.IE5\C52JK5AR\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tout-sur-le-piegeage.forumactif.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] nerADP.cab
O18 - Protocol: bw+0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)


Répondre à Act@IDN
rocket_270@IDN   28-05-2006 à 20:14:20
- 0 +

Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

O18 - Protocol: bw+0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Ewido

Telecharge ewido sur ce site:
www.infos-du-net.com/telecharger/E [...] lware.html
Fais les mise a jour puis fais un scan et post le rapport

Répondre à rocket_270@IDN
Act@IDN   28-05-2006 à 21:50:59
- 0 +

bonsoir,

j'ai suivi la<procédure ci-dessus a la lettre
voici le rapport ewido
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 21:48:32, 28/05/2006
+ Somme de contrôle: BFEE8DAB

+ Résultats du scan:

C:\Documents and Settings\FLORENT\Cookies\florent@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\FLORENT\Cookies\florent@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\FLORENT\Cookies\florent@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder


::Fin du rapport

Répondre à Act@IDN
rocket_270@IDN   28-05-2006 à 22:29:19
- 0 +

Les menaces detecter par ewido ne sont pas grave ce sont des tracking cookies , il te suffit de faire un scan avec :
CCleaner

Telecharge ccleaner sur ce site:
www.infos-du-net.com/telecharger/CCleaner.html
Il nettoie ton ordi de tout les fichiers temporaires inutiles.
Fais une analyse puis lance le nettoyage.

Sinon repost un nouveau log hijackthis

Répondre à rocket_270@IDN
Act@IDN   28-05-2006 à 22:38:48
- 0 +

e-bonsoir

voici le nouveau rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 22:36:40, on 28/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\FLORENT\Local Settings\Temporary Internet Files\Content.IE5\RR8C4XOR\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tout-sur-le-piegeage.forumactif.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] nerADP.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D3823128-B4FF-47F2-8C41-FEE4983FB59E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Répondre à Act@IDN
freeman206   28-05-2006 à 22:40:52
- 0 +

Bonsoir.

Pour ton log ça m'a l'air clean.

Répondre à freeman206
rocket_270@IDN   28-05-2006 à 22:44:06
- 0 +

tu a raison freeman206 , log clean .
Si tu n a plus de probleme et plus de question merci de rajouter au titre de ton sujet [Resolu].

Merci

Répondre à rocket_270@IDN
freeman206   28-05-2006 à 22:49:20
- 0 +

Plus de 700 post (703) Rocket_270 sa se fête !! :bravo: :bravo: :bierre: :bierre: :amis: :amis: :tchin: :tchin: :gg: :gg: Encore bravo. Beaucoup de gens peuvent te remercier car tu les as bien aider !!

Répondre à freeman206
rocket_270@IDN   28-05-2006 à 22:51:51
- 0 +

Merci freeman toi aussi tu va bientot passer un cap.
Allez , je porte un tost au probleme resolu. :bierre: :bierre: :bierre:

Répondre à rocket_270@IDN
Act@IDN   28-05-2006 à 22:56:11
- 0 +

merci a tous pour votre aide.
une dernière question,

je connais rien aux malwares, spywares et autres vers, virus.
que me conseillez vous de faire comme entretien périodique sur mon pc? et avec quels logiciels?

merci

Répondre à Act@IDN
rocket_270@IDN   28-05-2006 à 23:01:12
- 0 +

1/Scanner le PC avec ces logiciel

1.1/Spybot-Search & Destroy

Telecharge le sur ce site:
www.infos-du-net.com/telecharger/S [...] stroy.html
Fais les mise a jour.
Fais un scan et supprime toutes les menaces detecter.

1.2/Ad-Aware

Telecharge le sur ce site:
www.infos-du-net.com/telecharger/A [...] sonal.html
Fais les mise a jour.
Fais un scan supprimes toutes les menaces detecter.

2/Nettoyer le disque dur :(pas obligatoire)

2.1/CCleaner

Telecharge ccleaner sur ce site:
www.infos-du-net.com/telecharger/CCleaner.html
Il nettoie ton ordi de tout les fichiers temporaires inutiles.
Fais une analyse puis lance le nettoyage.

3/Ewido

Telecharge ewido sur ce site:
www.infos-du-net.com/telecharger/E [...] lware.html
Fais les mise a jour puis fais un scan.

4/Scan en ligne , choisi celui qui te plait:
webscanner.kaspersky.fr/
www.pandasoftware.com/activescan

Répondre à rocket_270@IDN
freeman206   28-05-2006 à 23:04:31
- 0 +

Bonsoir Act.

Pour entretenir ton pc fais des scans régulièrement avec ceci :

I) Entretien de la machien : ( 1 fois par mois )

1) Ccleaner, fais un log et supprime tous ce qu'il te trouve
Avec son Tuto explicatif

2) Tune Up Utilities 2006 (Tu dispose de 30 jours d'essais). Va dans l'onglet: "Nettoyage et réparation" et fais des scans avec: " TuneUp Diskcleaner " et avec " TuneUp RegistryCleaner".

II) Scans anti spywares et anti virus ( 1 fois par semaine ou par jour si tu es parano sur les bords :-D)

3) Ewido mets le à jour et fais un scan.

4) (qui nessecite un enregistrement sur le web). Fais un scan et supprime tous ce qu'il trouve.

5)Fais un scan avec ton antivirus ou avec un antivirus en ligne : Kaspersky; son tuto

Répondre à freeman206
freeman206   28-05-2006 à 23:05:58
- 0 +

Je suis un peu lent le soir.... :-D

Répondre à freeman206
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > scan avec ad aware RESOLU
Aller à :

Il y a 1832 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,322 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens