Se connecter / S'enregistrer
Votre question

trojan banker delf

Tags :
  • Scan
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Mai 2006 22:20:21

Bonsoir, je viens de faire un scan de mon pc suite à des envoies automatique d'un fichier à mes contact sur msn messenger. Il semble que je sois infecté d'un trojan.
Le souci, c'est que je ne sais pas quoi faire pour m'en débarasser, mon antivirus avast ne le voit pas apparemment pas.
En faisant un scan avec Bitdefender, il me trouve plusieurs trojan mais ne peut les supprimer.

De plus je viens de faire un scan avec HijackThis. En voila le résultat ;

Logfile of HijackThis v1.99.1
Scan saved at 22:12:39, on 26/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system\smsc.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system\msmsgc.cmd
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Video\VideoEffectsWatcher.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Julien\Local Settings\Temporary Internet Files\Content.IE5\MDMZQ7Q5\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F7B88C60-21B7-38E4-B403-1498B84D5300} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE /P31 "EPSON Stylus Photo RX620 Series" /O6 "USB002" /M "Stylus Photo RX620"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\system\smsc.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\Julien\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/Smiley...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: bw+0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

Merci d'avance pour le coup de main.

Autres pages sur : trojan banker delf

26 Mai 2006 22:36:18

Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation

O2 - BHO: (no name) - {F7B88C60-21B7-38E4-B403-1498B84D5300} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\system\smsc.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/Smiley.... 5.cab
O18 - Protocol: bw+0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D4EE7FCF-CD23-4CCD-858F-BA302B68923A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


Redémarre en mode sans échec, (en tapotant F8 au démarrage).
Assures-toi que tu as accès aux fichiers cachés.
-Explorateur windows->outils->options des dossiers->affichage
"Afficher les fichiers cachés"->coché
"Masquer les extensions.."->décoché
"Masquer les fichiers protégers du système"->décoché

Supprimes manuellement les fichiers suivants:

C:\WINDOWS\system\smsc.exe

Vide ta corbeille.
Redémarre ton pc.

Ewido

Telecharge ewido sur ce site:
www.infos-du-net.com/telecharger/Ewido-Anti-Malware.htm...
Fais les mise a jour puis fais un scan et post le rapport
26 Mai 2006 23:26:58

Bonsoir Ororomunroe.

En complément de ce que t'as dir rocket_270 ( que je salu au passage :bierre: ) et après avoir fait ce qu'il t'as dit, fais ceci :

I) Télécharge Ccleaner, fais un log et supprime tous ce qu'il te trouve
Avec son Tuto explicatif

II) Télécharge (qui nessecite un enregistrement sur le web). Fais un scan et supprime tous ce qu'il trouve.

III) Fais un scan antivirus en ligne Kaspersky; son tuto et post le rapport

IV) Refais un log HijackThis :


** Lance HijackThis et clique sur "Do a system scan only". A la fin du scan fait "save log" et enregistre le sur ton bureau,post le ensuite en fesant un copier-coller
Contenus similaires
26 Mai 2006 23:43:58

voila le rapport d'ewido :
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 23:42:22, 26/05/2006
+ Somme de contrôle: CB3E391

+ Résultats du scan:

HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Nettoyer et sauvegarder
HKLM\SOFTWARE\IntexusDial -> Dialer.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bargain Buddy -> Adware.BargainBuddy : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{4da4616d-7e6e-4fd9-a2d5-b6c535733e22} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\dminstall2.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\bdedata2.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\dmanu4.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\dman25.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\admdata.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\admprog.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\Atl.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\DMinfo2.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\dminstall3.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\Setup.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\Setup.exe -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\adm.exe -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\adm25.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Altnet\adm4.dll -> Adware.Altnet : Nettoyer et sauvegarder
C:\WINDOWS\Downloaded Program Files\Install.dll -> Adware.SpywareStorm : Nettoyer et sauvegarder
C:\WINDOWS\NDNuninstall4_85.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@as1.falkag[3].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@atdmt[3].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
C:\Documents and Settings\Julien\Cookies\julien@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Program Files\Altnet -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_w95.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sfx.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cab.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sfx.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\java.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cab.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mime.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\lha.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\java.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mso.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mime.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\zip.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab (incomplete) -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_w95.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\hqx.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\zip.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\gzip.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\dbx.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.ivd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_x95.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mso.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mbox.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\iso.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_x95.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\dbx.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\pst.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\pdf.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.ivd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cvd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.txt.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\gzip.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.xmd.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.cab -> Adware.Altnet : Nettoyer et sauvegarder
C:\Program Files\PerfectNav -> Adware.PerfectNav : Nettoyer et sauvegarder
C:\Program Files\PerfectNav\BHO -> Adware.PerfectNav : Nettoyer et sauvegarder


::Fin du rapport
26 Mai 2006 23:53:01

tu peux vider la quarantaine ewido en supprimant les fichiers etant dans cette quarantaine ,ils seront envoyé dans la corbeille donc vide la aussi.

Sinon repost un log hijackthis
26 Mai 2006 23:57:48

voila le rapport : d'hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 23:55:55, on 26/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Julien\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE /P31 "EPSON Stylus Photo RX620 Series" /O6 "USB002" /M "Stylus Photo RX620"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

27 Mai 2006 00:02:01

ton log me parait bien , mais pour etre vraiment sur quil n y plus de trojan ou autre menace tu peux faire un scan avec a²( necessite un enregistrement en ligne mais totalement gratuit)
www.emsisoft.net/fr/software/download/
27 Mai 2006 00:05:58

j'ai essayé cependant je n'arrive pas à me créer un nouveau compte...
27 Mai 2006 00:06:50

quelle est le probleme il te dit quoi??
27 Mai 2006 00:09:06

il me demande un nom d'utilisateur, un code ainsi qu'un numéro de licence. En haut à droite je peux cliquer sur créer un nouveau compte a² mais ce lien ne marche pas...
27 Mai 2006 00:13:00

c bizarre , tu pourra essayer plus tard c peut etre une erreur de leur part .
Sinon tu as toujours des problemes et tu utilise quoi comme navigateurs internet?
27 Mai 2006 00:14:02

t'es le meilleur... ;-)
27 Mai 2006 00:20:31

une dernière question, j'ai avast en anti virus... il me semble qu'il ne soit pas efficace, quel serai le meilleur logiciel de protection pour m'éviter tous type de virus?
27 Mai 2006 00:23:39

Il faut savoir que la protection absolue n'existe pas.

Avast est l'un des meilleurs antivirus gratuits.

Si tu veux investire dans quelque chose de bien et efficace achète Kaspersky.

Sinon comme pare feu tu as quoi ?

PS : Post le rapport de A² quand il sera fini.
27 Mai 2006 00:25:15

moi j utilise comme antivirus avg qui me satisfait.
Sinon en anti malware ewido et/ou a² , il suffit de faire des scan de temps en temps.
Et en anti spyware spybot S&D et ad-aware pareil il faut faire des scan regulierement.
Et en parefeu gratuit tu a zone alarm et kerio qui sont bien.

Sinon le meilleur antivirus c kapersky mais payant et couplet avec spysweeper tu serais tranquille.
Pour moi c la meilleure defensse mais c payant
27 Mai 2006 00:25:48

Je n'ai aucun pare feu particulier hormi celui de windows...
27 Mai 2006 00:36:43

voila le rapport a ² :
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>a-squared Report</title>
<style type="text/css">
BODY {SCROLLBAR-BASE-COLOR: #5d7fa8; COLOR: #383b3f; FONT-FAMILY: Verdana, Tahoma}
TABLE {COLOR: #383b3f; FONT-FAMILY: Verdana, Tahoma}
TD {FONT-SIZE: 75%; COLOR: #383b3f; FONT-FAMILY: Verdana, Tahoma}
</style>
</HEAD>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td bgcolor="#6E81A2" background="http://www.emsisoft.com/images/kachel_v2.jpg">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td rowspan="2" width="245"><a href="http://www.emsisoft.com" target="_top"><img src="http://www.emsisoft.com/images/logo_v2.jpg" alt="a-squared Homepage" width="245" height="100" border="0"></a></td>
<td width="99%" height="76">
<table width=100% border=0 cellspacing=0 cellpadding=0>
<tr>
<td><a href="http://www.emsisoft.com"><img src="http://www.emsisoft.com/images/a2_a-squared_v2.jpg" width=338 height=76 border=0 alt="a-squared Homepage"></a></td>
<td align=right style="padding-right: 32px"><img src="http://www.emsisoft.com/images/trojaner2.gif" border="0" alt="Trojan" width="60" height="76"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="24" bgcolor="#EAEAEA" background="http://www.emsisoft.com/images/navbg_v2.gif" style="padding-right: 32px">
<table border="0" cellpadding="0" cellspacing="0" height=24 width=100%>
<tr>
<td><a href="http://www.emsisoft.com"><img src="http://www.emsisoft.com/images/emsisoft_com.jpg" width=135 height=24 border=0 alt="a² Homepage"></a></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
<table width=100% border=0 cellspacing=0 cellpadding=30>
<tr>
<td valign=top>
<h2>a-squared Report</h2>
<table border=0>
<tr>
<td>Scan Started:</td>
<td>27/05/2006 00:17:46</td>
</tr>
<tr>
<td>Scan Finished:</td>
<td>27/05/2006 00:34:55</td>
</tr>
<tr>
<td>Scanning Time:</td>
<td>0h 17min 8sec</td>
</tr>
<tr>
<td>Scanned Files:</td>
<td>107980</td>
</tr>
<tr>
<td><font color="#FF0000">Infected Files:</font></td>
<td><font color="#FF0000">71</font></td>
</tr>
</table><br>
<TABLE style="BORDER: #8095A7 1px solid; BORDER-COLLAPSE: collapse" cellSpacing="2" cellPadding="1" border="1">
<tr>
<td><b>Nom du fichier</b></td>
<td><b>Diagnostic</b></td>
</tr>
<tr>
<td>C:\Program Files\funwebproducts</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.Fun..." target="_blank">Trace.Directory.FunWebProducts</td>
</tr>
<tr>
<td>C:\Program Files\kazaa</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.KaZ..." target="_blank">Trace.Directory.KaZaA</td>
</tr>
<tr>
<td>C:\Program Files\myway</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWaySpeedbar</td>
</tr>
<tr>
<td>C:\Program Files\myway\mybar</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWaySpeedbar</td>
</tr>
<tr>
<td>C:\Program Files\myway\mybar\1.bin</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWaySpeedbar</td>
</tr>
<tr>
<td>C:\Program Files\myway\mybar\history</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWaySpeedbar</td>
</tr>
<tr>
<td>C:\Program Files\mywebsearch</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWebSearchToobar</td>
</tr>
<tr>
<td>C:\Program Files\mywebsearch</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.MyW..." target="_blank">Trace.Directory.MyWebSearchToolbar</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Application Data\registry cleaner</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.Reg..." target="_blank">Trace.Directory.RegistryCleaner</td>
</tr>
<tr>
<td>C:\Program Files\webhancer</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.Web..." target="_blank">Trace.Directory.WebHancer</td>
</tr>
<tr>
<td>C:\Program Files\myway\mybar\1.bin\mybar.dll</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.MyWaySpe..." target="_blank">Trace.File.MyWaySpeedbar</td>
</tr>
<tr>
<td>C:\WINDOWS\downloaded program files\lsp_.dll</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SAHAgent" target="_blank">Trace.File.SAHAgent</td>
</tr>
<tr>
<td>C:\WINDOWS\downloaded program files\sahuninstall_.exe</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SAHAgent" target="_blank">Trace.File.SAHAgent</td>
</tr>
<tr>
<td>C:\WINDOWS\system32\sahagent.exe</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SAHAgent" target="_blank">Trace.File.SAHAgent</td>
</tr>
<tr>
<td>C:\WINDOWS\system32\sahhtml.exe</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SAHAgent" target="_blank">Trace.File.SAHAgent</td>
</tr>
<tr>
<td>C:\WINDOWS\system32\ifhelper.dll</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SearchCe..." target="_blank">Trace.File.SearchCentrix</td>
</tr>
<tr>
<td>C:\WINDOWS\smdat32a.sys</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.Twain-Te..." target="_blank">Trace.File.Twain-Tech</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{8eee58d5-130e-4cbd-9c83-35a0564ea119}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.Barg..." target="_blank">Trace.Registry.BargainBuddy</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\classes\interface\{8eee58d5-130e-4cbd-9c83-35a0564ea119}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.Barg..." target="_blank">Trace.Registry.BargainBuddy</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\funwebproducts</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.FunW..." target="_blank">Trace.Registry.FunWebProducts</td>
</tr>
<tr>
<td>Key: HKEY_CURRENT_USER\software\imesh</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.IMes..." target="_blank">Trace.Registry.IMesh</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\imesh</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.IMes..." target="_blank">Trace.Registry.IMesh</td>
</tr>
<tr>
<td>Key: HKEY_CURRENT_USER\software\kazaa</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_CURRENT_USER\software\kazaa --> tmp</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b0</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b0seconds</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b1</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> b</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> time</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\out --> b0</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\out --> b0seconds</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\out --> b1</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\cloudload --> sharedir</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo --> kazaanet</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> downloaddir</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\kazaa</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa --> listenport</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Value: HKEY_LOCAL_MACHINE\software\kazaa --> tmp</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\d:\installshield\kazaa</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\sharman networks ltd</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.KaZa..." target="_blank">Trace.Registry.KaZaA</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\myway\mybar</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWa..." target="_blank">Trace.Registry.MyWaySpeedbar</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\myway</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWa..." target="_blank">Trace.Registry.MyWaySpeedbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{147a976e-eee1-4377-8ea7-4716e4cdd239}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{147a976f-eee1-4377-8ea7-4716e4cdd239}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{a4730ebe-43a6-443e-9776-36915d323ad3}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{07b18eaa-a523-4961-b6bb-170de4475cca}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{07b18eac-a523-4961-b6bb-170de4475cca}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\mywebsearch</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToobar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{147a976e-eee1-4377-8ea7-4716e4cdd239}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{147a976f-eee1-4377-8ea7-4716e4cdd239}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\clsid\{a4730ebe-43a6-443e-9776-36915d323ad3}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{07b18eaa-a523-4961-b6bb-170de4475cca}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{07b18eac-a523-4961-b6bb-170de4475cca}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_CLASSES_ROOT\interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\mywebsearch</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.MyWe..." target="_blank">Trace.Registry.MyWebSearchToolbar</td>
</tr>
<tr>
<td>Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/maconnect.dll</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Registry.WebD..." target="_blank">Trace.Registry.WebDialer</td>
</tr>
<tr>
<td>C:\Program Files\wanadoo</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.Directory.Wan..." target="_blank">Trace.Directory.WanadooToolbar</td>
</tr>
<tr>
<td>C:\Program Files\webhancer\programs\license.txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SpeedRan..." target="_blank">Trace.File.SpeedRank</td>
</tr>
<tr>
<td>C:\Program Files\webhancer\programs\readme.txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.File.SpeedRan..." target="_blank">Trace.File.SpeedRank</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@mediaplex[1].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@doubleclick[1].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@serving-sys[2].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@atdmt[2].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@bluestreak[1].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
<tr>
<td>C:\Documents and Settings\Julien\Cookies\julien@weborama[2].txt</td>
<td><a href="http://www.emsisoft.com/en/malware/?Trace.TrackingCooki..." target="_blank">Trace.TrackingCookie</td>
</tr>
</table>

<form action="http://www.emsisoft.com/a2/report/" method="post" name="form1" target="_blank">
</td>
</tr>
</table>
<table width="100%" height="29" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="right" background="http://www.emsisoft.com/images/navbg.gif"> </td>
</tr>
</table>
</body>
</HTML>
27 Mai 2006 00:43:32

il a une tete bizarre ton log difficile a dechiffrer
27 Mai 2006 00:50:53

C'est le "report" lorque le logiciel a fini son analyse et que j'ai supprimé les fichiers-Malware
27 Mai 2006 00:54:02

bas ecoute si tu as supprimer les malware trouver c bon , je pense que ton pc doit etre clean car les menaces trouver on ete detecter si tu n as plus de probleme mets [Resolu] au titre de ton sujet.

Merci
27 Mai 2006 00:55:03

En tout cas, merci pour tout... Bonne fin de soirée.
24 Juin 2009 14:40:32

bjr, pour ceux et celles qui passeraient par ce post ! en un scan pour éliminer Trojan.Banker avec ceci !!! Malwarebytes' Anti-Malware 1.38[/b]
Version de la base de données: 2328
Windows 5.1.2600 Service Pack 3

24/06/2009 14:15:47
mbam-log-2009-06-24 (14-15-47).txt

Type de recherche:Examen complet hors ligne et apres sa mise a jour !!! [/b](C:\|K:\|)
Eléments examinés: 165613
Temps écoulé: 32 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
k:\system volume information\_restore{05226255-65c1-4091-9a28-2a3d3b837c5f}\RP174\A0042186.exe (Trojan.Banker) -> Quarantined and deleted successfully.
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS