Se connecter / S'enregistrer
Votre question

command service/ MRU list/ et Tracking cookie... que faire??????

Tags :
  • Cookie
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Janvier 2006 14:52:42

Bonjour à tous, je suis nouveau ici jai decidé de m'inscrire parce que jai vraiment besoin d'aide je suis vraiment NUL de chez NUL en info :-(

Alors quand je scanne mon pc avec spybot je trouve tout le temps un truc: "command service" , il veut pas partir!!!
et avec ad-aware jai toujours 2 trucs: MRU list et tracking cookie, voilà le log pour les 2 derniers:


Ad-Aware SE Build 1.06r1
Logfile Created on:vendredi 20 janvier 2006 14:27:17
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R86 11.01.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):19 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


20-01-2006 14:27:17 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 552
ThreadCreationTime : 20-01-2006 13:09:19
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 652
ThreadCreationTime : 20-01-2006 13:09:27
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 696
ThreadCreationTime : 20-01-2006 13:09:28
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 708
ThreadCreationTime : 20-01-2006 13:09:28
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 876
ThreadCreationTime : 20-01-2006 13:09:28
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 900
ThreadCreationTime : 20-01-2006 13:09:28
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1120
ThreadCreationTime : 20-01-2006 13:09:32
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1260
ThreadCreationTime : 20-01-2006 13:09:33
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:9 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1392
ThreadCreationTime : 20-01-2006 13:09:33
BasePriority : Normal


#:10 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1408
ThreadCreationTime : 20-01-2006 13:09:33
BasePriority : High
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswServ.exe

#:11 [incdsrv.exe]
FilePath : C:\Program Files\Ahead\InCD\
ProcessID : 1468
ThreadCreationTime : 20-01-2006 13:09:34
BasePriority : Normal
FileVersion : 4, 0, 12, 5
ProductVersion : 4, 0, 12, 5
ProductName : AHEAD Software incdsrv
CompanyName : AHEAD Software
FileDescription : incdsrv
InternalName : incdsrv
LegalCopyright : Copyright © 2003
OriginalFilename : incdsrv.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1572
ThreadCreationTime : 20-01-2006 13:09:37
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:13 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1664
ThreadCreationTime : 20-01-2006 13:09:37
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [vttimer.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1936
ThreadCreationTime : 20-01-2006 13:09:40
BasePriority : Normal
FileVersion : 1.100.2004.0115
ProductVersion : 1.100.2004.0115
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright (C) 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:15 [adeck.exe]
FilePath : C:\Program Files\VIAudioi\SBADeck\
ProcessID : 1944
ThreadCreationTime : 20-01-2006 13:09:40
BasePriority : Normal
FileVersion : 1.0.0.0
ProductVersion : 5.70a
ProductName : Vinyl Deck
CompanyName : VIA Technologies, Inc.
FileDescription : VIA Codec Control Panel
InternalName : Vinyl Deck

#:16 [incd.exe]
FilePath : C:\Program Files\Ahead\InCD\
ProcessID : 1960
ThreadCreationTime : 20-01-2006 13:09:40
BasePriority : Normal
FileVersion : 4, 0, 12, 5
ProductVersion : 4, 0, 12, 5
ProductName : InCD
CompanyName : Ahead Software AG
FileDescription : InCD
InternalName : InCD
LegalCopyright : Copyright (c) Ahead Software 1996-2003, Karlsbad, Germany
LegalTrademarks : InCD TM
OriginalFilename : InCD.exe

#:17 [pdvdserv.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 1972
ThreadCreationTime : 20-01-2006 13:09:41
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:18 [hpztsb07.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ProcessID : 2004
ThreadCreationTime : 20-01-2006 13:09:41
BasePriority : Normal
FileVersion : 2,140,0,0
ProductVersion : 2,140,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2002

#:19 [lvcomsx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 172
ThreadCreationTime : 20-01-2006 13:09:42
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : LVComS.exe

#:20 [logitray.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 184
ThreadCreationTime : 20-01-2006 13:09:43
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : ImageStudio Tray Application
InternalName : LogiTray.exe
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : LogiTray.exe

#:21 [msgplus.exe]
FilePath : C:\Program Files\MessengerPlus! 3\
ProcessID : 188
ThreadCreationTime : 20-01-2006 13:09:43
BasePriority : Normal


#:22 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_05\bin\
ProcessID : 216
ThreadCreationTime : 20-01-2006 13:09:43
BasePriority : Normal


#:23 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 344
ThreadCreationTime : 20-01-2006 13:09:46
BasePriority : Normal


#:24 [hpwuschd2.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 444
ThreadCreationTime : 20-01-2006 13:09:46
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : HP Software Update Application
CompanyName : Hewlett-Packard Company
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe

#:25 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 452
ThreadCreationTime : 20-01-2006 13:09:46
BasePriority : Normal


#:26 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 976
ThreadCreationTime : 20-01-2006 13:09:48
BasePriority : Normal
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswDisp.exe

#:27 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1176
ThreadCreationTime : 20-01-2006 13:09:48
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:28 [logitechdesktopmessenger.exe]
FilePath : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\
ProcessID : 1288
ThreadCreationTime : 20-01-2006 13:09:49
BasePriority : Normal
FileVersion : 2.1.2.0
ProductVersion : 2.1.2.0
ProductName : Logitech Desktop Messenger
CompanyName : Logitech
FileDescription : Logitech Desktop Messenger
InternalName : Logitech BackWeb Runner
LegalCopyright : Copyright (C) Logitech 2000-2004. All rights reserved
OriginalFilename : backweb-8876480.exe
Comments : www.logitech.com/ldm

#:29 [dslmon.exe]
FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
ProcessID : 1752
ThreadCreationTime : 20-01-2006 13:09:50
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DSLMON Application
FileDescription : ADIMON MFC Application
InternalName : DSLMON
LegalCopyright : Copyright (C) 2000
OriginalFilename : ADIMON.EXE

#:30 [fxsvr2.exe]
FilePath : C:\Program Files\Logitech\Video\
ProcessID : 1892
ThreadCreationTime : 20-01-2006 13:09:50
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : QuickCam Framework Server
InternalName : FxSvr.EXE
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : FxSvr.EXE

#:31 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2128
ThreadCreationTime : 20-01-2006 13:09:51
BasePriority : Normal
FileVersion : 45.4.157.000
ProductVersion : 045.004.157.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2004
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor

#:32 [hpqgalry.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2216
ThreadCreationTime : 20-01-2006 13:09:53
BasePriority : Normal


#:33 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2916
ThreadCreationTime : 20-01-2006 13:27:11
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:mr@as1.falkag.de/
Expires : 20-03-2006 15:08:40
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mr@cs.sexcounter.com/
Expires : 12-05-2024 19:07:28
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:mr@zedo.com/
Expires : 17-01-2016 22:04:50
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@statcounter.com/
Expires : 18-01-2011 13:38:14
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@ads.multimania.lycos[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@ads.multimania.lycos.fr/
Expires : 19-01-2006 22:02:08
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@estat.com/
Expires : 17-01-2016 18:21:44
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@qksrv[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mr@qksrv.net/
Expires : 18-01-2011 19:06:42
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:mr@serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@bluestreak.com/
Expires : 18-01-2016 08:57:54
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mr@tradedoubler.com/
Expires : 15-01-2026 13:59:28
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@imrworldwide.com/cgi-bin
Expires : 19-01-2009
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@www.cibleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:mr@www.cibleclick.com/
Expires : 12-01-2036 22:04:26
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:mr@www.smartadserver.com/
Expires : 14-01-2026 22:06:18
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mr@adtech.de/
Expires : 16-01-2016 21:48:40
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@realmedia.com/
Expires : 01-01-2021 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mr@apmebf.com/
Expires : 18-01-2011 19:06:40
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@247realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mr@247realmedia.com/
Expires : 01-01-2021 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:mr@overture.com/
Expires : 16-01-2016 19:54:30
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mr@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:mr@weborama.fr/
Expires : 18-01-2011 15:19:20
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 19
Objects found so far: 19



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19

Disk Scan Result for C:\DOCUME~1\mr\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
31 entries scanned.
New critical objects:0
Objects found so far: 19



MRU List Object Recognized!
Location: : C:\Documents and Settings\mr\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1708537768-1972579041-682003330-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 34

14:28:31 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:13.609
Objects scanned:74116
Objects identified:19
Objects ignored:0
New critical objects:19





Voilà j'espere que quelqu'un pourra m'aider, je rappelle que je suis archi nul dans ce domaine
:saipa:
je vous remercie a l'avance.
- Haemoglobin -

Autres pages sur : command service mru list tracking cookie

20 Janvier 2006 15:37:03

"command service" je vois pas trop ce que tu veux dire...

Les MRU sont les dossier qui ont été recemment ouverts (par toi ou tes programmes) donc non dangereux, et les tracking cookies sont des cookies que mettent les sites web dans ton PC pour t'identifier.

Cela peut servire à des themes, des stats où tout un tas d'autres trucs. Enleve les par précaution.

voilà
20 Janvier 2006 16:13:19

Merci c'est gentil pour la reponse, mais comment on fait pour les enlever les cookies? parce que j'ai lu quelque part qu'il fallait aller à option internet et supprimer les cookies, le probleme c'est qu'ils revienent toujours donc je doute que ce soit de cette maniere qu'il faut s'y prendre...
saurais tu comment les supprimer definitivement?
je pense que c'est à cause de ça que j'ai des pubs de partout c'est vraiment genant :-x
20 Janvier 2006 16:19:12

Je ne pense pas que ce soit a cause des cookies que tu as des pubs, mais plutot a cause de spywares...

Pour repondre a ta premiere question, tu peux supprimer manuellement tes cookies en allant a ce chemin:

C:/documents and setting/ton_compte/Cookies

Pour tes spywares, utilise Spybot, AdAware, et A²Free.

Fais les MAJ de ces logiciels, redemarre en mode sans echec (F8 au demarrage), et scan ton PC. Supprime tout ces qu'ils te trouvent.

Voilà
20 Janvier 2006 18:14:48

Je te remercie pour ton aide, mais meme apres cela, spybot me trouve "command service" et il arrive pas à le corriger, il me demande de redemarrer l'ordi, et je tourne en rond encore et encore !! :crying:
vous feriez quoi à ma place?
20 Janvier 2006 18:42:02

Logfile of HijackThis v1.99.1
Scan saved at 18:38:21, on 20/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\AnalogX\CookieWall\cookie.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\mr\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: ATLDistrib Object - {83A5F7B7-DC75-44CE-9195-264F41709FA9} - C:\WINDOWS\System32\gebyw.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [NfFT] C:\WINDOWS\ddhldnfe.exe
O4 - HKLM\..\Run: [Qzdzgft] C:\Program Files\Dvuevbd\Ejfpz.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe \RESET
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [enewsletterpro] c:\windows\enewsletterpro.exe
O4 - HKLM\..\Run: [banmanpro] c:\windows\banmanpro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_glob.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{785F820A-21E9-460E-BAF3-C1E3D3ACCB17}: NameServer = 217.19.192.132 217.19.192.131
O18 - Protocol: bw+0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: msgplusloader.dll
O20 - Winlogon Notify: gebyw - C:\WINDOWS\System32\gebyw.dll
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\l02slaf71d2.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing)






si ça peut vous aider... parce moi je capte rien lol
merci.
20 Janvier 2006 19:56:34

au secours j'ai plein de merdes je peux meme pas ecrire une phrase sans devoir fermer une page de pub c insupportable, ya quelqu'un svp??

de plus j'ai scanné avec ewido, jai "look2me" et "virtumonde" qui partent pas... :tape:
20 Janvier 2006 20:56:00

Bon ok j'ai analyser ton logfile HJT et j'en ai déduis que tes spyware ne partent pas puisqu'ils sont présentement utilisé. Ils sont en cours de fonctionnement. Pour y remédier tu vas cocher les lignes suivantes et tu vas appuyer sur le bouton fix cehcked.

-----------------------------------------------------------
O4 - HKLM\..\Run: [enewsletterpro] c:\windows\enewsletterpro.exe
O4 - HKLM\..\Run: [banmanpro] c:\windows\banmanpro.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.skymasters.biz
O17 - HKLM\System\CCS\Services\Tcpip\..\{785F820A-21E9-460E-BAF3-C1E3D3ACCB17}: NameServer = 217.19.192.132 217.19.192.131
O18 - Protocol: bw+0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {72F574F2-9F98-40AD-A83C-E982BF2DED30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: msgplusloader.dll
O20 - Winlogon Notify: gebyw - C:\WINDOWS\System32\gebyw.dll
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\l02slaf71d2.dll
O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing)
---------------------------------------------------------

Ensuite tu vas faire un scan avec Ewido et envoi moi son rapport. Fait un scan avec SmitFraudFix en utilisant l'option 1 puis en nettoyant en utilisant l'option 2 et envoie moi son rapport. Fait un scan en ligne de ton ordinateur seulement avec KasperSky et envoie moi son rapport. Je te donnerai davantages de manipulations mais nous seront proches de la fin. ;-) :bounce: 
20 Janvier 2006 20:56:41

Ps.: Désintalle messenger plus et réinstalle le sans le sponsor. Fait attention aux étapes
20 Janvier 2006 21:33:11

uhh excuse jai pas tres bien compris, je dois cocher où au juste? dsl mais je suis un boulet en info
merci.
20 Janvier 2006 21:38:13

ah non pardon jai trouvé ou cetait lol
20 Janvier 2006 22:38:23

alors voilà ce que me donne Ewido

--------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 22:07:40, 20/01/2006
+ Somme de contrôle: 9B4516B1

+ Résultats du scan:

[284] C:\WINDOWS\system32\wcnsock.dll -> Spyware.Look2Me : Erreur durant le nettoyage
C:\Documents and Settings\mr\Local Settings\Application Data\Microsoft\Internet Explorer\V0.29.dat -> Dialer.Generic : Nettoyer et sauvegarder
C:\Documents and Settings\mr\Local Settings\Application Data\Microsoft\Internet Explorer\V0.30.dat -> Dialer.Generic : Nettoyer et sauvegarder
C:\Documents and Settings\mr\Mes documents\Mes images\smileys\block-checker-xp.exe/2 -> Spyware.Chiem : Nettoyer et sauvegarder
C:\eied_s7.cab/eied_s7_c_77.exe -> Downloader.Mediket.an : Nettoyer et sauvegarder
C:\WINDOWS\system32\crrtmgr.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\g4402ehmgh4a2.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\guard.tmp -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\h04m0ah1ed4.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\lvj2091oe.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\mcjter40.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\n42u0ef9eh2.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\nitui0.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\p0n8la5u1d.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\wfaservc.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\wfbhits.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\__delete_on_reboot__guard.tmp -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\__delete_on_reboot__wcnsock.dll -> Spyware.Look2Me : Nettoyer et sauvegarder


::Fin du rapport








et par contre avec smitfraudfix je sais pas si c'est bien ça qui fallait faire :

mitFraudFix v2.15

Rapport fait à 22:19:08.42 le 20/01/2006
Executé à partir de C:\Documents and Settings\mr\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\mr\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport





et le second:
SmitFraudFix v2.15

Rapport fait à 22:20:19.46 le 20/01/2006
Executé à partir de C:\Documents and Settings\mr\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport






En ce qui concerne kaspersky, faut il desactivé l'antivirus? jai pas osé le faire meme si c'eatis ecrit, puis le sacn s'est pas lancé, donc je prefere demander avant..




20 Janvier 2006 23:18:09

Finalement en changeant de site ... je l'ai fait... mais quand je clique pour avoir un rapport ça vient pas je suis deg, je recommencerai et le posterai.
merci pour ton aide.
(en resultat j'ai 22 virus et 95 objets infectes, je sens que je vais pas dormir ce soir, car mon pc m'est vraiment utile :roll:
20 Janvier 2006 23:59:28


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie. vrai

Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\

Statistiques de l'analyse
Total d'objets analysés : 34786
Nombre de virus trouvés 22
Nombre d'objets infectés 50
Nombre d'objets suspects 0
Durée de l'analyse 00:29:33

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\mr\Local Settings\Application Data\Microsoft\Internet Explorer\V0.39.dat Infecté: Trojan-Downloader.Win32.Small.bdl ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151121.exe Infecté: Trojan-Downloader.Win32.VB.ft ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151123.exe Infecté: Trojan-Downloader.Win32.Small.aod ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151124.exe Infecté: Trojan-Downloader.Win32.Small.ayb ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151125.exe Infecté: Trojan-Spy.Win32.Montp.o ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151126.exe Infecté: Trojan.Win32.Dialer.hh ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151127.exe Infecté: Trojan-Downloader.Win32.Adload.a ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151128.exe Infecté: Trojan-Downloader.Win32.Adload.a ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151133.exe Infecté: Trojan-Downloader.Win32.IstBar.ju ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151134.dll Infecté: Trojan-Downloader.Win32.IstBar.gen ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151135.dll Infecté: Trojan-Downloader.Win32.IstBar.ik ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151136.dll Infecté: Trojan-Downloader.Win32.IstBar.ik ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151137.exe Infecté: Trojan-Downloader.Win32.IstBar.ij ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151138.exe Infecté: Trojan-Downloader.Win32.IstBar.gen ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151140.dll Infecté: Trojan-Downloader.Win32.Dyfuca.gen ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151141.dll Infecté: Trojan-Downloader.Win32.Dyfuca.gen ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151142.exe Infecté: Trojan-Downloader.Win32.Dyfuca.ep ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151143.exe Infecté: Trojan-Downloader.Win32.Dyfuca.ep ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151144.exe Infecté: Trojan-Downloader.Win32.Dyfuca.ei ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151146.exe Infecté: Trojan.Win32.Small.cy ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151149.exe Infecté: Trojan-Downloader.Win32.IstBar.jm ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151150.exe Infecté: Trojan-Downloader.Win32.IstBar.jm ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151151.exe Infecté: Trojan-Downloader.Win32.IstBar.jm ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP39\A0151154.exe Infecté: Trojan.Win32.Dialer.hh ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278389.exe Infecté: Trojan-Clicker.Win32.VB.kc ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278393.exe/data.rar/w3.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278393.exe/data.rar Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278393.exe RarSFX: infecté - 2 ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278395.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278421.exe Infecté: Trojan.Win32.Dialer.dc ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0278422.exe Infecté: Trojan-Downloader.Win32.IstBar.gen ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0279744.exe/data.rar/w3.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0279744.exe/data.rar Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0279744.exe RarSFX: infecté - 2 ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0279746.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280624.exe Infecté: Trojan-Downloader.Win32.PurityScan.be ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280625.exe Infecté: Trojan-Dropper.Win32.VB.kk ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280686.exe/data0002/data0006 Infecté: Trojan-Dropper.Win32.VB.kk ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280686.exe/data0002 Infecté: Trojan-Dropper.Win32.VB.kk ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280686.exe NSIS: infecté - 2 ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280826.exe/data.rar/w3.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280826.exe/data.rar Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280826.exe RarSFX: infecté - 2 ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280827.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280828.exe Infecté: Trojan-Downloader.Win32.Adload.j ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280831.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280832.exe/data.rar/w3.exe Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280832.exe/data.rar Infecté: Trojan-Proxy.Win32.Ranky.dv ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280832.exe RarSFX: infecté - 2 ignoré

C:\System Volume Information\_restore{5E98EBF6-EC83-4F60-9E7C-FFDFC67D7537}\RP63\A0280833.exe Infecté: Trojan-Downloader.Win32.Adload.j ignoré

Analyse terminée.






voilà je pense avoir tout fait pour l'instant je suis crevé! entre les plantages et les pubs j'ai cru que j'allais devenir fou, bon j'attend mainetant que tu me guide lol, jte remercie beaucoup.
21 Janvier 2006 00:48:48

merci omar sharif pour ton aide, faut faire autre chose ou c tout?
21 Janvier 2006 11:03:33

Ce matin j'ai refait un rapport ewido le voici:


ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 10:57:03, 21/01/2006
+ Somme de contrôle: 886A619E

+ Résultats du scan:

[1092] C:\WINDOWS\system32\mzl_hp.dll -> Spyware.Look2Me : Erreur durant le nettoyage
[1608] C:\WINDOWS\system32\mzl_hp.dll -> Spyware.Look2Me : Erreur durant le nettoyage
C:\WINDOWS\system32\dnp6017se.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\f20olcd31f0.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\fp8s03l7e.dll -> Spyware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\system32\__delete_on_reboot__wcnsock.dll -> Spyware.Look2Me : Nettoyer et sauvegarder


::Fin du rapport



apparemment look2me veut pas partir :-? j'ai autant de pubs qu'avant :/ 
vous me conseillez quoi?
merci d'avance
21 Janvier 2006 15:52:50

Quelqu'un peut m'aider à eliminer look2me svp? :crying:
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS