Des pages web s'ouvre de façon intemestives

jmga · Octobre 25, 2008, 9:08

Bonjour,

Apparemment c’est un pb nien connu voici ma configuuration
merci pour votre aide

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:58:41, on 25/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Firefly Media Server\FireflyShell.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\util1\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\util1\AppData\Local\yyyaiui.exe
C:\Program Files\digital publishing\FEEDEF_11_999999\dpFeeds.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Station météo PC 3\PC_WS2500.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Téléchargement\HJTInstall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [Google Desktop Search] “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
O4 - HKLM…\Run: [FireflyShell] “C:\Program Files\Firefly Media Server\FireflyShell.exe” -q
O4 - HKLM…\Run: [LogMeIn GUI] “C:\Program Files\LogMeIn\x86\LogMeInSystray.exe”
O4 - HKLM…\Run: [ISTray] “C:\Program Files\Spyware Doctor\pctsTray.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [LogitechQuickCamRibbon] “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide
O4 - HKLM…\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM…\Run: [BDMCon] “C:\Program Files\Softwin\BitDefender10\bdmcon.exe” /reg
O4 - HKLM…\Run: [BDAgent] “C:\Program Files\Softwin\BitDefender10\bdagent.exe”
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU…\Run: [Google Update] “C:\Users\util1\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [yyyaiui] “c:\users\util1\appdata\local\yyyaiui.exe” yyyaiui
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O4 - Startup: Nathan - Anglais - Fil d’info RSS.lnk = C:\Program Files\digital publishing\FEEDEF_11_999999\dpFeeds.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - javadl-esd.sun.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - secure.logmein.com…
O18 - Protocol: bw+0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6BA7B639-A242-42E1-BB03-C06A8F6FE61D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firefly Media Server - Ron Pedde - C:\Program Files\Firefly Media Server\firefly.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

–
End of file - 21056 bytes

guigui14100 · Octobre 25, 2008, 9:19

Salut

Tu es infecter fait un scan en mode 1 avec [navilog [/url] url=http://guigui14100.web.officelive.com/tutorialnavilog.aspx](http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe)
Et post le rapport

jmga · Octobre 25, 2008, 11:11

Bonjour,

Merci pour l’aide impossible de lancer navilog il me dit que getpath.bat n’est pas reconnu et j’ai une fenetre getpath a cessé de fonctionné.

Je suis vous vista

Jean-Marc

guigui14100 · Octobre 25, 2008, 2:39

Désactive tes protection avant et télécharge le a nouveau et relance le

jmga · Octobre 25, 2008, 4:40

Le problème est identique il ne trouve pas le fichier

guigui14100 · Octobre 25, 2008, 5:05

Bizarre sa…

Fait un scan compet avec [MBAM[/url], supprime les détection et post le rapport. [url=http://guigui14100.web.officelive.com/tutorialmbam.aspx]b[/b]](http://www.malwarebytes.org/mbam/program/mbam-setup.exe)

jmga · Octobre 26, 2008, 6:36

J’ai fait un premier scan il a bloqué mais j’ai supprimé les pb rencontrés cela semble avoir réglé le pb. j’ai relancé le scan mais il tourne depuis 8 h…

cricri58 · Octobre 26, 2008, 6:54

Ca fait bien long pour un scan avec Malwarebytes

l as tu fais en Mode sans echec ???Si non

Refais Malwarebytes en Mode sans Echec + suppressions des infections

Si ça ne fnonctionne pas rends toi ici ESET online Scanner avec Explorer (en mode classique )

www.eset.eu…

fermes tes autres applications et desactives tes protections pendant l analyse que tu n oublieras pas de reactiver aprés l analyse

Tu nous diras s il y a eu suppressions !!!

Coches / Eset - avant de demarrer l analyse --Remove found Threats

 et                                                              -  Scan  unwanted applications

jmga · Octobre 26, 2008, 8:23

ouf c’est enfin fini voici le rapport j’ai suprimé au passage roque spyware
Malwarebytes’ Anti-Malware 1.30
Version de la base de données: 1319
Windows 6.0.6001 Service Pack 1

26/10/2008 20:21:22
mbam-log-2008-10-26 (20-21-22).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 1074309
Temps écoulé: 8 hour(s), 47 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Users\LogMeInRemoteUser\Desktop\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

guigui14100 · Octobre 26, 2008, 8:27

Tient tient Infection par le rogue Spyware Secure :@

Désactive tes protections
Réesaye un navilog…

Fait de même pour Combofix laisse travailler et post le log

jmga · Octobre 26, 2008, 10:41

Merci beaucoup de ton aide.

Navilog ne fonctionne toujours pas
Combofix a fonctionné mais je n’ai pas de rapport

guigui14100 · Octobre 26, 2008, 11:11

Regarde a la racine de ton disuqe dur (C:)

jmga · Octobre 27, 2008, 6:00

Je n’ai rien trouvé à part cela mais cela date du samedi
je ne serai plus connecté avant mardi soir

Merci à bientôt

Logfile of The Avenger Version 2.0, © by Swandog46
swandog46.geekstogo.com…

Platform: Windows Vista

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

Beginning to process script file:

Error: file “C:\Users\util1\Local Settings\Application Data\yyyaiui_navps.dat” not found!
Deletion of file “C:\Users\util1\Local Settings\Application Data\yyyaiui_navps.dat” failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
–> the object does not exist

Error: file “C:\Users\util1\Local Settings\Application Data\yyyaiui_nav.dat” not found!
Deletion of file “C:\Users\util1\Local Settings\Application Data\yyyaiui_nav.dat” failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
–> the object does not exist

Error: file “C:\Users\util1\Local Settings\Application Data\yyyaiui.dat” not found!
Deletion of file “C:\Users\util1\Local Settings\Application Data\yyyaiui.dat” failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
–> the object does not exist

File “C:\Users\util1\Local Settings\Application Data\yyyaiui.exe” deleted successfully.

Completed script processing.

Finished! Terminate.

guigui14100 · Octobre 27, 2008, 9:07

Essaye en renommant combofix.exe en jmga.exe

jmga · Octobre 29, 2008, 7:27

Bonjour même problème pas de rapport

jmga · Octobre 29, 2008, 10:01

Bon je crois que j’ai trouvé il m’a créé un répertoire jmga.exe et j’ai trouvé un fichier que j’ai ouvert avec word…
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-10-29 07:21:39
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden files …