Piègé par Spyware Quake, Help

[udolfo]

Salut Regis,

 

depuis le scan en ligne avec Panda, j'ai des fenetres de IE qui s'ouvre (je n'utilise que firefox sauf quand ça marche pas autrement)

 

Voici celle qui vient de s'ouvrir

 

http://www.winantiviruspro.com/pages/newco...&lid=symant

 

est ce bien normal ???

 

A+

[regis56]

Bonjour udolfo !

 

Remet un rapport hijackthis STP

[udolfo]

Salut Regis

 

le voici

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:20:27, on 20/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

E:\Program Files\Alwil Software\Avast4\ashServ.exe

E:\Program Files\ewido anti-spyware 4.0\guard.exe

E:\WINDOWS\system32\nvsvc32.exe

E:\WINDOWS\system32\oodag.exe

E:\WINDOWS\system32\svchost.exe

E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe

E:\WINDOWS\SOUNDMAN.EXE

E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

E:\WINDOWS\system32\RUNDLL32.EXE

c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe

E:\Program Files\ewido anti-spyware 4.0\ewido.exe

E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

E:\WINDOWS\system32\ctfmon.exe

E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

E:\WINDOWS\System32\svchost.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

E:\Program Files\Logitech\SetPoint\SetPoint.exe

E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

E:\Program Files\Mozilla Firefox\firefox.exe

E:\Documents and Settings\François\Bureau\Rep infection\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode

O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [!ewido] "E:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://locator.cdn.imageservr.com

O15 - Trusted Zone: http://scanner.sysprotect.com

O15 - Trusted IP range: http://202.67.220.225

O15 - Trusted IP range: http://59.148.220.121

O15 - Trusted IP range: http://62.4.84.53

O15 - Trusted IP range: http://82.98.235.58

O15 - Trusted IP range: http://85.12.25.90

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe

[regis56]

Re

 

Vas dans le panneau de configuration puis dans ajout/suppression de programmes

 

Cherche SearchRelevancy si présent désinstalle.

 

Sinon dis le moi on le supprimera à la main.

 

A plus.

[udolfo]

Re

 

 

j'ai beau regarder je ne le trouve pas.

 

il faudra le faire à la main !!

 

A+

[regis56]

RE

 

Clique sur démarrer/executer/

Copie/colle

Rentre le chemin indiqué en rouge C:\Program Files\SearchRelevant\

Le dossier va s'ouvrir clique sur

uninstall.exe

 

Laisse le faire son job si il le fait

 

Clique sur démarrer/executer/

Copie/colle

Rentre le chemin indiqué en rouge C:\Program Files\

Le dossier va s'ouvrir

Supprime le dossier indiqué en gras si présent:

SearchRelevant(clique droit /supprimer)

 

Vider la poubelle !

 

-Télécharger et installer EasyCleaner de Toni Helenius (Programme faisant partie de la catégorie des nettoyeurs)

http://personal.inet.fi/business/toniarts/ecleane.htm

 

 

-Exécuter EasyCleaner (Utiliser le raccourci sur le bureau):

(Utilitaire qui va supprimer les dossiers temporaires/inutiles et nettoyer la base de registre)

Utiliser les fonctions "Inutiles" et "Registre" seulement. Ne pas toucher à la fonction "doublons".

*Remarque:

-Dans "Inutiles", coche les cases suivantes=>"Normal Types" - "Temp Directories" - "Temp Internet Files" -

"Browser Cookies" puis clique sur "Find".

Lorsque le scan est terminé,clique sur "Delete all".

 

 

Lancer HijackThis, (scan only ou scanner seulement) cocher les lignes suivantes si présentes:

 

O15 - Trusted Zone: http://locator.cdn.imageservr.com

O15 - Trusted Zone: http://scanner.sysprotect.com

O15 - Trusted IP range: http://202.67.220.225

O15 - Trusted IP range: http://59.148.220.121

O15 - Trusted IP range: http://62.4.84.53

O15 - Trusted IP range: http://82.98.235.58

O15 - Trusted IP range: http://85.12.25.90

 

Fermer tous les programmes et navigateur, et Cliquer sur Fix Checked

 

Refais un scan Panda et un nouveau hijackthis STP

 

A plus.

[udolfo]

Yo,

 

Blème ! le programme easycleaner ne se lance pas, j'ai le même problème avec regcleaner !!

par contre jv16 power tools fonctionne...

 

puis je employer celui la mais il faut me guider sur les bonnes fonctions

 

A+

[regis56]

RE

 

Tiens un tuto pour JV16

http://forum.telecharger.01net.com/microhe...messages-1.html

 

Ca devrait marcher.

 

A plus.

[udolfo]

Salut Regis,

 

voila qui est fait.

Je me demande si Panda est bien "safe" car avast me dit qu'un fichier est infecté par WIN32:CTX pendant son action.

 

Voici les logs:

 

 

Incident Status Location

 

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[fe.lea.lycos.fr/]

Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[landing.domainsponsor.com/]

Spyware:Cookie/3 Not disinfected C:\Documents and Settings\François\Cookies\françois@3[2].txt

Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\François\Cookies\françois@64.62.232[5].txt

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\François\Cookies\françois@888[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\François\Cookies\françois@ad.sensismediasmart.com[2].txt

Spyware:Cookie/Gorillanation Not disinfected C:\Documents and Settings\François\Cookies\françois@ads.gorillanation[1].txt

Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\François\Cookies\françois@adultfriendfinder[2].txt

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\François\Cookies\françois@atwola[1].txt

Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\François\Cookies\françois@azjmp[2].txt

Spyware:Cookie/Bns1 Not disinfected C:\Documents and Settings\François\Cookies\françois@bns1[2].txt

Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\François\Cookies\françois@c.fsx[1].txt

Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\François\Cookies\françois@c3.gostats[2].txt

Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\François\Cookies\françois@ccbill[2].txt

Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@cdfreaks[2].txt

Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@club.cdfreaks[1].txt

Spyware:Cookie/Sexsuche Not disinfected C:\Documents and Settings\François\Cookies\françois@counter.sexsuche[2].txt

Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\François\Cookies\françois@desktop.kazaa[2].txt

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[1].txt

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[2].txt

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[4].txt

Spyware:Cookie/Go Not disinfected C:\Documents and Settings\François\Cookies\françois@go[1].txt

Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\François\Cookies\françois@kount[1].txt

Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\François\Cookies\françois@rightmedia[2].txt

Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\François\Cookies\françois@tucows[1].txt

Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\François\Cookies\françois@webpower[2].txt

Spyware:Cookie/ademails Not disinfected C:\Documents and Settings\François\Cookies\françois@www.ademails[2].txt

Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\François\Cookies\françois@www.advnt01[1].txt

Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[1].txt

Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[3].txt

Spyware:Cookie/Comclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[fl01.ct2.comclick.com/]

Spyware:Cookie/Xiti Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Statcounter Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/Bluestreak Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.bluestreak.com/]

Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Mediaplex Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.mediaplex.com/]

Spyware:Cookie/Tradedoubler Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/Weborama Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.weborama.fr/]

Spyware:Cookie/Falkag Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.as-eu.falkag.net/]

Spyware:Cookie/Apmebf Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.apmebf.com/]

Spyware:Cookie/Toplist Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.toplist.cz/]

Spyware:Cookie/RealMedia Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.247realmedia.com/]

Spyware:Cookie/Adtech Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.adtech.de/]

Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.metriweb.be/]

Spyware:Cookie/WebtrendsLive Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[statse.webtrendslive.com/]

Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix\SmitfraudFix\Process.exe

Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix.zip[smitfraudFix/Process.exe]

Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Cookies\françois@atdmt[1].txt

Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Cookies\françois@doubleclick[2].txt

Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Cookies\françois@metriweb[1].txt

Spyware:Cookie/Reliablestats Not disinfected E:\Documents and Settings\François\Cookies\françois@stats1.reliablestats[2].txt

Spyware:Spyware/Virtumonde Not disinfected E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\services.dll

Spyware:Cookie/3 Not disinfected L:\disque c\Cookies\françois@3[2].txt

Spyware:Cookie/888 Not disinfected L:\disque c\Cookies\françois@888[1].txt

Spyware:Cookie/Gorillanation Not disinfected L:\disque c\Cookies\françois@ads.gorillanation[1].txt

Spyware:Cookie/adultfriendfinder Not disinfected L:\disque c\Cookies\françois@adultfriendfinder[2].txt

Spyware:Cookie/Azjmp Not disinfected L:\disque c\Cookies\françois@azjmp[2].txt

Spyware:Cookie/Beweb Not disinfected L:\disque c\Cookies\françois@beweb[2].txt

Spyware:Cookie/Barelylegal Not disinfected L:\disque c\Cookies\françois@c.fsx[1].txt

Spyware:Cookie/GoStats Not disinfected L:\disque c\Cookies\françois@c3.gostats[2].txt

Spyware:Cookie/Ccbill Not disinfected L:\disque c\Cookies\françois@ccbill[2].txt

Spyware:Cookie/Cd Freaks Not disinfected L:\disque c\Cookies\françois@cdfreaks[2].txt

Spyware:Cookie/Cd Freaks Not disinfected L:\disque c\Cookies\françois@club.cdfreaks[1].txt

Spyware:Cookie/Kazaa Networks Not disinfected L:\disque c\Cookies\françois@desktop.kazaa[2].txt

Spyware:Cookie/fe.lea.lycos Not disinfected L:\disque c\Cookies\françois@fe.lea.lycos[1].txt

Spyware:Cookie/fe.lea.lycos Not disinfected L:\disque c\Cookies\françois@fe.lea.lycos[2].txt

Spyware:Cookie/Go Not disinfected L:\disque c\Cookies\françois@go[1].txt

Spyware:Cookie/Rightmedia Not disinfected L:\disque c\Cookies\françois@rightmedia[2].txt

Spyware:Cookie/WebPower Not disinfected L:\disque c\Cookies\françois@webpower[2].txt

Spyware:Cookie/Xiti Not disinfected L:\disque c\Cookies\françois@xiti[1].txt

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:45:18, on 22/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

E:\Program Files\Alwil Software\Avast4\ashServ.exe

E:\Program Files\ewido anti-spyware 4.0\guard.exe

E:\WINDOWS\system32\nvsvc32.exe

E:\WINDOWS\system32\oodag.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\Explorer.EXE

C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe

c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe

E:\WINDOWS\SOUNDMAN.EXE

E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\ewido anti-spyware 4.0\ewido.exe

E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

E:\WINDOWS\system32\ctfmon.exe

E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

E:\Program Files\Logitech\SetPoint\SetPoint.exe

E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Documents and Settings\François\Bureau\Rep infection\hijackthis\HijackThis.exe

E:\Program Files\Mozilla Firefox\firefox.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode

O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [!ewido] "E:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized

O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe

 

 

 

A+

[regis56]

Bonsoir udolfo !

 

T'inquiète pas pour Panda c'est normal Avast et lui ne s'entende pas bien

 

La prochaine fois désactive avast avant de faire le scan.

 

Panda trouve ceci

Spyware:Spyware/Virtumonde Not disinfected E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\services.dll

 

Pourrait tu me dire ce qu'il y a dans ce dossier :

E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\

 

A plus.