Ljos

ok scan négatif avec TDS-3 .... il n'a rien trouvé ... pour l'origine de mon infection ... facile : je cherchais des paroles de chansons ... dans ces cas là, un moyen très simple quand je ne trouve pas dans mes sites favoris, c'est google. Avec le nom du titre et de l'artiste : ... un site donnait de bons résultats, et même pas eu le temps d'arriver sur le site que ça c'est affolé de partout ... et rien à faire. Pourtant, je n'avais jamais eu de pb avec ces sites là ... ce n'est même pas du téléchargement vu que les paroles ce n'est que du texte qui est ligne ... et qu'on copie/colle. Windows était à jour, Norton était à jour et en surveillance, il n'a rien trouvé ... le firewall de mon serveur n'a rien bloqué .... Ad-Aware n'a ensuite rien trouvé ... Spybot juste un peu ... et Spy Sweeper n'a bloqué qu'une partie. Et je ne fais même pas de peer-to-peer ... donc je pense qu'il faut arrêter de penser que ceux qui se font infectés sont des cruches ou des malades du téléchargement. A mon avis c'est surtout une histoire de chance ... on peut faire des tonnes de sites sans avoir de pb ... jusqu'au jour où ... on ne sait pas pourquoi sur un site qui semble correct avec un contenu anodin (des paroles de chansons c'est quand même anodin) et zouh on s'en prend le disque. En tout cas merci beaucoup ... vous m'avez vraiment aidé et sur un ton vraiment cordial ... ce qui est rare dans ce bas monde je n'hésiterais pas à recommander votre forum à bientôt !

le nouveau scan ne me donne rien .... mais si vous regardez bien le 1er : ... il y a 62 analyses ... 31 éradiquées ... la moitié. Mais dans le détail, ceux qui correspondent à une erreur, ont également été éradiqués. on retrouve les mêmes dans les 2 listes. .... en tout cas pour l'instant, il n'y a plus de softs bidons qui tourne sur ma bécane, Nail n'est pas réapparu ... ... je vais voir à long terme si ça revient ou pas mais c'est déjà un soulagement de ne plus voir Spy Sweeper s'énerver toutes les 30mn ... au fait ... est ce utile de mettre un Firewall perso pour se protéger de ces trucs ? ... je bosse dans une université ... le serveur (julie ... oui jolie nom ) a déjà un firewall (vu le nbre de mails qui n'arrivent pas pour cause de virus ...).... merci !! bon allez un peu de détente pour vous remercier (et de pub oui je sais ) ... si vous voulez visiter mon site web : http://www.alpesphoto.com (garantis sans spyware !! ) et un lien vers un fond d'écran maison ... avant une galerie "fond d'écran" bientôt en ligne : http://www.alpesphoto.com/FD/pontonFD1024.jpg http://www.alpesphoto.com/FD/pontonFD1280.jpg

au fait .... dois je vider la "quarantaine" après chaque utilisation ?

merci !! ... voici le rapport de Ewido : --------------------------------------------------------- ewido security suite - Rapport de scan --------------------------------------------------------- + Créé le: 12:28:31, 26/04/2005 + Somme de contrôle: E51E3BBA + Date des signatures: 26/04/2005 + Version du moteur de recherche: v3.0 + Temps: 72 min + Fichiers scannés: 151223 + Vitesse: 34.57 Fichiers/Secondes + Fichers infectés: 62 + Fichiers supprimés: 31 + Fichiers mis en quarantaine: 31 + Fichiers ne pouvant pas être ouverts: 0 + Fichiers ne pouvant pas être nettoyés: 31 + Liés: Oui + Cryptés: Oui + Archives: Oui + Elements scannés: C:\ E:\ C:\ E:\ + Résultats du scan: C:\Documents and Settings\aberger\Cookies\aberger@ads.wanadooregie[1].txt -> Spyware.Tracking-Cookie -> Nettoyer et sauvegarder C:\Documents and Settings\Antoine Berger\Local Settings\Temporary Internet Files\Content.IE5\UATUYKXA\Nail[1].exe -> Trojan.Nail -> Nettoyer et sauvegarder C:\Documents and Settings\visiteur\Cookies\visiteur@geocities[1].txt -> Spyware.Tracking-Cookie -> Nettoyer et sauvegarder C:\Documents and Settings\étudiant\Cookies\étudiant@geocities[1].txt -> Spyware.Tracking-Cookie -> Nettoyer et sauvegarder C:\WINDOWS\Nail-exe.anc -> Trojan.Nail -> Nettoyer et sauvegarder C:\WINDOWS\system32\cynfmsp.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\enlql1351.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\fpp0037me.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\gp6sl3j71.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\guard.tmp -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\hr8q05l5e.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\hrj2051oe.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\hrru0599e.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\ifsecsvc.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\ijwphbk.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\j6p0lg7m16.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\k0nola531d.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\ksdycl.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\l04q0ah5ed4.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\m2460chsef460.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\mjekxo-exe.anc -> Trojan.Agent.cp -> Nettoyer et sauvegarder C:\WINDOWS\system32\prustab.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\q0nula591d.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\r08slal71dq.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\scmpsnap.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\sorvdeps.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\system32\sxinmagic.dll -> Spyware.Look2Me.ab -> Nettoyer et sauvegarder C:\WINDOWS\Temp\B220560784\build2.exe -> Spyware.Isearch -> Nettoyer et sauvegarder C:\WINDOWS\utroeoukur.exe -> Spyware.BetterInternet -> Nettoyer et sauvegarder E:\soft\new_uninstall.exe -> TrojanDownloader.Swizzor.ck -> Nettoyer et sauvegarder E:\soft\toolbar_uninstall.exe -> TrojanDownloader.Swizzor.ck -> Nettoyer et sauvegarder C:\Documents and Settings\aberger\Cookies\aberger@ads.wanadooregie[1].txt -> Spyware.Tracking-Cookie -> Erreur durant le nettoyage C:\Documents and Settings\Antoine Berger\Local Settings\Temporary Internet Files\Content.IE5\UATUYKXA\Nail[1].exe -> Trojan.Nail -> Erreur durant le nettoyage C:\Documents and Settings\visiteur\Cookies\visiteur@geocities[1].txt -> Spyware.Tracking-Cookie -> Erreur durant le nettoyage C:\Documents and Settings\étudiant\Cookies\étudiant@geocities[1].txt -> Spyware.Tracking-Cookie -> Erreur durant le nettoyage C:\WINDOWS\Nail-exe.anc -> Trojan.Nail -> Erreur durant le nettoyage C:\WINDOWS\system32\cynfmsp.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\enlql1351.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\fpp0037me.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\gp6sl3j71.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\guard.tmp -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\hr8q05l5e.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\hrj2051oe.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\hrru0599e.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\ifsecsvc.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\ijwphbk.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\j6p0lg7m16.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\k0nola531d.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\ksdycl.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\l04q0ah5ed4.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\m2460chsef460.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\mjekxo-exe.anc -> Trojan.Agent.cp -> Erreur durant le nettoyage C:\WINDOWS\system32\prustab.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\q0nula591d.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\r08slal71dq.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\scmpsnap.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\sorvdeps.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\system32\sxinmagic.dll -> Spyware.Look2Me.ab -> Erreur durant le nettoyage C:\WINDOWS\Temp\B220560784\build2.exe -> Spyware.Isearch -> Erreur durant le nettoyage C:\WINDOWS\utroeoukur.exe -> Spyware.BetterInternet -> Erreur durant le nettoyage E:\soft\new_uninstall.exe -> TrojanDownloader.Swizzor.ck -> Erreur durant le nettoyage E:\soft\toolbar_uninstall.exe -> TrojanDownloader.Swizzor.ck -> Erreur durant le nettoyage ::Fin du rapport pour les erreurs durant le nettoyage, j'ai fais un double scan ... et visiblement au 2e passage il a viré des trucs qu'il n'avait pas réussit à nettoyer au 1er passage .... voici le nouveau rapport Hijackthis, il a l'air clair comme de l'eau de roche : Logfile of HijackThis v1.99.1 Scan saved at 12:30:28, on 26/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\antispy\ewido\security suite\ewidoctrl.exe C:\Program Files\antispy\ewido\security suite\ewidoguard.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\antispy\ewido\security suite\SecuritySuite.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\System32\LVComsX.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\antispy\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{FB35CB57-695E-4FA0-BE66-439CE9384EDD}: NameServer = 193.48.120.32,193.48.120.4 O18 - Protocol: bw+0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\antispy\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\antispy\ewido\security suite\ewidoguard.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing) merci !! ... je vous tiens au courant pour la suite des événements ... je referais un scan Ewido cet AM au cas où ... ... une question : comment se fait-ce qu'il y ait autant de différences entre les antispywares ? de Ad-Aware qui ne trouve strictement rien ou presque ... Spysweeper qui m'a déjà nettoyé une bonne partie ... à Ewido qui semble faire le grand ménage de printemps ...

boudiou !! avant même que j'ai eu le temps de réagir il m'en a trouvé 3 .... il a eu un peu de mal avec certains ... ... et au re-démarrage il m'a trouvé Nail.exe .... et qui est pour l'instant éradiqué ... je suis entrain de faire un scan complet et je te tiens au jus ... ... hum petite question un peu bête ... un malware c'est quoi exactement ? j'ai bien vu que ça fait pas de dégâts mais en quoi ça consiste ? c'est juste un soft de pub récalcitrant créé par des boites malveillantes ? merci !!

bon ben c'est pas gagné ... Nail.exe une fois renommée a été immédiatement recréé sous le même nom ... et mjekxo.exe a été recréé sous le nom de twlfuu.exe ... ... pourtant je retrouve bien mes 2 fichiers renommés nail-exe.anc et mjokxo-exe.anc voilà mon nouveau rapport Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 10:07:37, on 26/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe c:\windows\system32\twlfuu.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\System32\LVComsX.exe C:\Program Files\antispy\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{FB35CB57-695E-4FA0-BE66-439CE9384EDD}: NameServer = 193.48.120.32,193.48.120.4 O18 - Protocol: bw+0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

bonjour ! merci pour toutes ses infos ! bon je m'y colle ... avec un nouveau Hijackthis zyohys.exe s'appelle mjekxo.exe maintenant .... mjekxo.exe a été modifié le 08.04.2005 nail.exe a été modifié le 02.05.2004 voici le résultat RegSearch : REGEDIT4 ; Registry Search by Bobbi Flekman ; Version: 1.0.1.4 ; Results at 26/04/2005 09:46:40 for strings: ; 'mjekxo.exe' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_USERS\S-1-5-21-776561741-1078145449-839522115-1003\Software\Webroot\SpySweeper\Startup\2_nvpcrmh] "path"="c:\\windows\\system32\\mjekxo.exe" [HKEY_USERS\S-1-5-21-776561741-1078145449-839522115-1003\Software\Webroot\SpySweeper\Startup\2_nvpcrmh] "command"="c:\\windows\\system32\\mjekxo.exe" ; End Of The Log... et le 2e pour nail.exe : REGEDIT4 ; Registry Search by Bobbi Flekman ; Version: 1.0.1.4 ; Results at 26/04/2005 09:52:42 for strings: ; 'nail.exe' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="Explorer.exe C:\\WINDOWS\\Nail.exe" ; End Of The Log... ... bon je te tiens au courant pour la suite ...

"Tu dis que tu as des pop up + des fenêtres... quelles différences ? taille ?" euh pour moi les fenêtres c'est une page complète du navigateur avec les menus et c'est pas seulement un truc de pub ... ça ouvre sur un vrai site ... mais les choses ont changé : - jusqu'à ce matin j'étais sur Mozilla ... et dès que je rentrais un truc dans une case sensible de recherche (type google par ex), une fenêtre Mozilla s'ouvrait sur un site qui s'appelle Sportresults ... ... depuis j'ai installé Firefox et ça ne le fait plus ... par contre j'ai qqes fois des pop up "aurora" qui s'ouvrent. ... et il y a une heure une fenètre IE c'est ouverte toute seule ... mais j'ai pas regardé ce que c'était j'ai viré tout de suite .... ... ah j'ai oublié de mentionner, et c'est plus embêtant .... de temps en temps comme ce matin ... zou, ordi qui plante et écran bleu. mais sinon, non je suis pas stressé mes données sont protégées ... si c'est un Trojan ça risque pas grand chose. Juste du temps perdu inutilement. voilà merci pour votre aide !

c'est fait

merci c'est bien ce qui me semblait ... vu tout ce que j'ai essayé ... j'ai essayé de virer le nail.exe ... en mode sans échec avec Hijackthis, à la main ... ou Eraser ... et rien à faire, Eraser tourne en boucle car ça revient toujours ... ... la merde intégrale ce truc ...

bonjour ! désolé de vous embêter avec ce truc ... je pense que je dois être le Xème à poser cette même question .... j'ai un truc dans mon ordi qui me met des adwares régulièrement sur mon ordi ... ... ma procédure : j'ai décliqué la restauration du système, j'ai redémarré en mode sans échec, et j'ai scanné avec Spy Sweeper, Ad-Aware et Spybot ... j'ai éliminé des cookies, des adwares nommés Abetterinternet, Look2me, idesktop search, etc ... ça marche bien pendant un temps ... et zou, Norton au bout d'une semaine me retrouve à chaque fois un Trojan (désolé j'ai pas le nom) et le merdier recommence ... là j'ai un .exe sur ma bécane que Spy Sweeper détecte, mais à chaque fois il revient automatiquement sous un nom différent qui veut rien dire ... et pour finir j'ai des pop up qui apparaissent sous le nom de Aurora (pourtant j'ai tout bloqué sur FireFox) + des fenêtres qui s'ouvrent régulièrement .... auriez vous une idée ? à mon avis j'ai un truc caché qu'aucun soft ne détecte ... et dès qu'il se sent bien planqué il appelle tout ses potes pour faire la fête dans mon ordi ... pas méchant ... juste chiant. voilà mon scan Hijackthis ... si vous avez le temps ... perso j'y comprends pas grand chose ... merci !! Logfile of HijackThis v1.99.1 Scan saved at 14:38:10, on 25/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Qualcomm\Eudora\Eudora.exe C:\PROGRA~1\MOZILL~1\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe c:\windows\system32\zyohys.exe C:\Program Files\Logitech\Video\AlbumDB2.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\System32\LVComsX.exe C:\eraser\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/11d84a80b82cf8...RdxIE601_fr.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.98.46.120/activex/AxisCamControl.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{FB35CB57-695E-4FA0-BE66-439CE9384EDD}: NameServer = 193.48.120.32,193.48.120.4 O18 - Protocol: bw+0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D2F2B47A-023E-467E-9DCA-C77C3F7E1958} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe