Virus trojandropper win32/messengerskinner

Résolu
ACI -  
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,
je suis infectée par un virus depuis une semaine, et je n'arrive pas à m'en débarrasser: il a été détecté par windows defender et cc cleaner qui ne peuvent pas le supprimer et avast ne le trouve même pas
j'ai vu qu'il fallait faire un scan avec hijackthis donc je l'ai fait. Voic le rapport:

Logfile of HijackThis v1.99.1
Scan saved at 21:28:10, on 29/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Users\barbara archetti\AppData\Local\oqrst.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\barbara archetti\AppData\Local\Temp\Temp1_hijackthis_199[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CamWizard] C:\Program Files\Common Files\Logitech\QCDRV\BIN\CamWizard.exe
O4 - HKLM\..\Run: [LogitechRegisterVideoApplications] "C:\Program Files\Logitech\Video\InstallHelper.exe" /register /runnow
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [oqrst] c:\users\barbara archetti\appdata\local\oqrst.exe oqrst
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: QuickSet.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: bw+0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

j'espère que vous pourrez m'aider
merci d'avance.
@ +
Configuration: Windows Vista
Internet Explorer 7.0

10 réponses

  1. g!rly Messages postés 18462 Statut Contributeur 407
     
    Salut AcI

    Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

    - Va dans démarrer puis panneau de configuration
    - Double Clique sur l'icône "Comptes d'utilisateurs"
    - Clique ensuite sur désactiver et valide.

    Télécharge maintenant Navilog1 depuis-ce lien :

    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, Fais un Clic-droit sur le raccourci Navilog1 présent sur ton bureau et choisis "Exécuter

    en tant qu'administrateur".

    Au menu principal, Fais le choix 1
    Laisse toi guider et patiente.
    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche le blocnote va s'ouvrir.
    Copie-colle l'intégralité du rapport dans une réponse.
    Referme le blocnote
    Le rapport fixnavi.txt est en outre sauvegardé dans %systemdrive%.

    @+
    0
    1. ACI
       
      Salut!
      désolée de ne pas avoir répondu plus tôt mais je n'arrive pas à faire ce que tu as demandé:
      j'ai chargé Navilog1 et commencé la recherche en tapant 1 dans le menu principal et c'est là que ça coince:
      la recherche commence et ne se termine jamais.
      je te fais une copie de ce qui est marqué:

      Creation de la liste des programmes installes

      Veuillez patienter

      C:\unpffc02.txtLe fichier sp'cifi' est introuvable.
      Impossible de trouver C:\unpffc02.txt
      Search Navipromo version 3.4.8 commence le 02/03/2008 a 21:04:04,20

      !!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
      !!! Postez ce rapport sur le forum pour le faire analyser !!!
      !!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!




      *** Recherche programmes installes ***

      Veuillez patienter


      Recherche terminee


      *** Recherche dossiers dans C:\Windows ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\Program Files ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\ProgramData ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs
      ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\Users\BARBAR~1\AppData\Roaming\MICROS~1\Windows\S
      TARTM~1\Programs ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\Users\barbara archetti\AppData\Local\virtualstore
      \Program Files ***

      Veuillez patienter

      Recherche terminee


      *** Recherche dossiers dans C:\Users\barbara archetti\AppData\Roaming ***

      Veuillez patienter

      Recherche terminee

      Recherche terminee


      *** Recherche avec Catchme par gmer ***
      pour + d'infos : http://www.gmer.net

      Veuillez patienter ... Le scan peut durer une dizaine de minutes ...


      voilà voilà, il est rebelle ce virus

      Ps: j'ai refait un scan avec spybot et il a réussi à supprimer 21 des 24 éléments messenger skinner, mais je suppose que ça ne suffit pas

      merci encore pour ton aide
      A +
      0
  2. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut aci,

    fais ceci :

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message ainsi qu´un nouveau hijack this.

    -> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    @+
    0
  3. ACI
     
    Salut
    merci pour ta réponse
    j'ai réussi à faire ce que tu m'as demandé et voici le résultat:

    ComboFix 08-03-03.6 - barbara archetti 2008-03-03 13:20:20.1 - NTFSx86
    Microsoft® Windows Vista™ Professionnel 6.0.6000.0.1252.1.1036.18.1173 [GMT 1:00]
    Endroit: C:\Users\barbara archetti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3SKTB1WN\ComboFix[1].exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\Users\barbara archetti\AppData\Local\oqrst.dat
    c:\users\barbara archetti\appdata\local\oqrst.exe
    c:\Users\barbara archetti\AppData\Local\oqrst_nav.dat
    C:\Users\barbara archetti\AppData\Local\oqrst_navps.dat
    C:\Users\barbara archetti\AppData\Roaming\MessengerSkinner
    C:\Windows\system32\nvs2.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-03 to 2008-03-03 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-01 18:18 . 2007-10-21 10:30 4,461 --a------ C:\Windows\System32\gnc.exe
    2008-03-01 18:12 . 2008-03-02 21:10 <REP> d-------- C:\Program Files\Navilog1
    2008-02-25 13:04 . 2008-02-25 13:04 <REP> d--h----- C:\Users\All Users\CanonBJ
    2008-02-25 13:04 . 2008-02-25 13:04 <REP> d--h----- C:\PROGRA~2\CanonBJ
    2008-02-25 13:03 . 2008-02-25 13:03 <REP> d-------- C:\Users\barbara archetti\Bluetooth Software
    2008-02-24 22:14 . 2008-02-24 22:14 <REP> d-------- C:\Users\barbara archetti\AppData\Roaming\PC Tools
    2008-02-24 22:14 . 2008-03-03 13:14 <REP> d-a------ C:\Users\All Users\TEMP
    2008-02-24 22:14 . 2008-03-03 09:22 <REP> d-------- C:\Program Files\Spyware Doctor
    2008-02-24 22:14 . 2008-03-03 13:14 <REP> d-a------ C:\PROGRA~2\TEMP
    2008-02-24 22:14 . 2007-12-10 14:53 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
    2008-02-24 22:14 . 2007-12-10 14:53 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
    2008-02-24 22:14 . 2008-02-01 12:55 42,376 --a------ C:\Windows\System32\drivers\ikfilesec.sys
    2008-02-24 22:14 . 2007-12-10 14:53 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
    2008-02-22 10:37 . 2008-02-22 10:37 <REP> d-------- C:\Users\All Users\Skyline
    2008-02-22 10:37 . 2008-02-22 10:37 <REP> d-------- C:\Program Files\Skyline
    2008-02-22 10:37 . 2008-02-22 10:37 <REP> d-------- C:\PROGRA~2\Skyline
    2008-02-18 22:55 . 2008-02-18 22:55 194,560 --a------ C:\Windows\System32\WebClnt.dll
    2008-02-18 22:55 . 2008-02-18 22:55 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
    2008-02-18 22:52 . 2008-02-18 22:52 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
    2008-02-18 22:52 . 2008-02-18 22:52 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
    2008-02-18 22:52 . 2008-02-18 22:52 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
    2008-02-18 22:52 . 2008-02-18 22:52 110,136 --a------ C:\Windows\System32\drivers\ataport.sys
    2008-02-18 22:52 . 2008-02-18 22:52 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
    2008-02-18 22:52 . 2008-02-18 22:52 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
    2008-02-18 22:52 . 2008-02-18 22:52 15,928 --a------ C:\Windows\System32\drivers\pciide.sys
    2008-02-18 22:51 . 2008-02-18 22:51 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-18 22:51 . 2008-02-18 22:51 1,686,528 --a------ C:\Windows\System32\gameux.dll
    2008-02-18 22:51 . 2008-02-18 22:51 803,328 --a------ C:\Windows\System32\drivers\tcpip.sys
    2008-02-18 22:51 . 2008-02-18 22:51 216,632 --a------ C:\Windows\System32\drivers\netio.sys
    2008-02-18 22:51 . 2008-02-18 22:51 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
    2008-02-18 22:51 . 2008-02-18 22:51 24,064 --a------ C:\Windows\System32\netcfg.exe
    2008-02-18 22:51 . 2008-02-18 22:51 22,016 --a------ C:\Windows\System32\netiougc.exe
    2008-02-17 16:39 . 2008-02-17 16:39 <REP> d-------- C:\Users\All Users\Yahoo! Companion
    2008-02-17 16:39 . 2008-02-17 16:39 <REP> d-------- C:\PROGRA~2\Yahoo! Companion
    2008-02-08 07:37 . 2008-02-08 07:37 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-02-08 07:37 . 2008-02-08 07:37 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-02 20:00 28,380 ----a-w C:\Users\barbara archetti\AppData\Roaming\nvModes.dat
    2008-03-02 02:02 --------- d-----w C:\Program Files\Windows Live
    2008-03-01 19:47 --------- d-----w C:\PROGRA~2\Dell
    2008-02-19 18:14 --------- d-----w C:\PROGRA~2\WLInstaller
    2008-02-18 21:51 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-18 21:51 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-18 21:51 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-18 21:51 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-18 21:48 824,832 ----a-w C:\Windows\System32\wininet.dll
    2008-02-18 21:48 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-18 21:48 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-18 21:48 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2008-01-31 20:41 --------- d-----w C:\Users\barbara archetti\AppData\Roaming\dvdcss
    2008-01-31 20:41 --------- d-----w C:\Program Files\Dell Support Center
    2008-01-31 20:41 --------- d-----w C:\Program Files\Common Files\supportsoft
    2008-01-31 20:41 --------- d-----w C:\PROGRA~2\SupportSoft
    2008-01-31 20:34 --------- d-----w C:\Program Files\Windows Mail
    2008-01-31 20:10 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-01-31 20:10 --------- d-----w C:\Program Files\Windows Sidebar
    2008-01-31 15:28 --------- d-----w C:\PROGRA~2\Roxio
    2008-01-06 18:05 --------- d-----w C:\PROGRA~2\McAfee
    2008-01-06 13:32 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
    2008-01-06 13:25 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-01-06 13:24 --------- d-----w C:\Program Files\Yahoo!
    2008-01-06 13:24 --------- d-----w C:\Program Files\CCleaner
    2008-01-05 19:06 --------- d-----w C:\Program Files\Alwil Software
    2007-12-11 22:05 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2007-12-11 22:05 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2007-12-11 22:05 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2007-12-04 13:04 837,496 ----a-w C:\Windows\System32\aswBoot.exe
    2007-12-04 12:54 95,608 ----a-w C:\Windows\System32\AvastSS.scr
    2007-11-20 23:02 174 --sha-w C:\Program Files\desktop.ini
    2007-11-14 21:33 0 ----a-w C:\Users\barbara archetti\AppData\Roaming\wklnhst.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:35 2159104 C:\Windows\System32\oobefldr.dll]
    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 13:09 460784]
    "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-11-20 21:21 32768]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe" [2007-11-10 12:38 162744]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]
    "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe" [2006-11-02 10:45 49664]
    "ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-22 17:10 787696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-10 20:04 1006264]
    "ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2007-05-25 07:03 17920]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-04 06:21 857648]
    "SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-06-27 11:17 405504]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-05-18 06:09 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-05-18 06:09 8429568]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-05-18 06:09 81920]
    "NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-05-18 06:09 67584]
    "SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-11-10 12:24 77824]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 12:37 81920]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 12:22 221184]
    "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 17:10 184320]
    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-10 12:38 1862144]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
    "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]

    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 18:55:50 703280]
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-11-10 12:25:18 50688]
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-11-20 21:21:31 450560]
    QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-11-10 12:26:57 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{87B80D70-51AE-4318-9DB6-371E2EF0C14C}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{0E63D6C4-C40B-4997-AABA-CC008B3EC5EC}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{1CDD6B59-FE73-4A3E-A881-93445024CDC5}"= C:\Program Files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema|Desc=CyberLink PowerCinema
    "{C63D3685-57D7-48AC-AB50-CEAC06DA03B5}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program|Desc=CyberLink PowerCinema Resident Program
    "{2FF7CACC-360B-46FB-911B-B147E4C96D59}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine|Desc=Cyberlink Media Server Browser Engine
    "{80F05B52-915D-4ECC-98B8-0F32D90E2A84}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server|Desc=CyberLink Media Server
    "{C2BE215B-4751-4728-A6E1-9485521FAA5C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
    "{F1C69699-4E50-480B-A2F1-A1B6A271F4C5}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
    "{FD2AD411-9778-48F9-8AB6-70E4515DE677}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
    "{61699CBE-FF2E-42DE-BCC3-35A23613647A}"= Disabled:UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
    "{67E1F240-B5EB-419E-837F-B0416ECBAFF4}"= Disabled:TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
    "TCP Query User{78690548-E383-4231-859E-5E95FC23CE6C}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"= UDP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger|Desc=Logitech Desktop Messenger
    "UDP Query User{D03213EB-BAA5-40FA-ABF2-2DE4E0DF0B6F}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"= TCP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger|Desc=Logitech Desktop Messenger

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 09:23]
    R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-04-29 06:24]
    R3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 02:37]
    R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 00:13]
    R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 00:13]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 15:14]
    S3 LVPrcMon;Logitech LVPrcMon Driver;C:\Windows\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
    S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 08:36]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    bthsvcs REG_MULTI_SZ BthServ

    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-03 13:23:58
    Windows 6.0.6000 NTFS

    detected NTDLL code modification:
    ZwClose

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-03 13:25:41
    ComboFix-quarantined-files.txt 2008-03-03 12:25:36
    .
    2008-03-02 02:03:03 --- E O F ---

    pour hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:42:10, on 03/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\STacSV.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\Explorer.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: QuickSet.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O18 - Protocol: bw+0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {A35C8354-0B5D-41C1-91D8-E86BEC40B3D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    0
  4. g!rly Messages postés 18462 Statut Contributeur 407
     
    Re,

    messenger skinner a ete erradiqué ;-)

    maintenant installes un par feu .

    Comodo 3 pro :

    http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro

    ou zone alarm plus facil a configurer mais moins performant

    https://www.malekal.com/tutoriel-zonealarm-firewall/

    un antispyware resident :

    spywareblaster :

    http://www.brightfort.com/spywareblaster.html

    c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

    tuto : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm

    puis

    regarde ce tutorial pour mettre ta console java a jour :

    https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

    comment va ton pc?

    @+
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ACI
     
    merci encore!

    internet explorer ne plante plus et mon ordinateur est plus rapide!

    on m'a parlé d'un antivirus plus performant qu'avast mais tout en anglais est-ce que tu vois de quoi il s'agit?

    en tout cas je te remercie pour ton aide super performante. Je trouve ça génial qu'il y aie des gens comme toi qui aident des novices comme moi à s'en sortir face à ce genre de problèmes
    c'est super, continue!
    (même si j'espère ne plus jamais avoir recours à ton aide pour un virus!)

    je charge tout ce que tu m'as dit et je vois pour trouver un meilleur antivirus qu'avast

    salut!
    0
  7. g!rly Messages postés 18462 Statut Contributeur 407
     
    Aci,

    et bien je suis contente pour toi ;-)

    l´antivirus dont tu parles doit etre antivir ?!

    regarde ceci concernant avast :

    antivir vs avast :

    -> http://forum.malekal.com/ftopic3528.php

    alors je te conseille de le desinstaller et d´installer antivir a la place

    Telecharge et instales l'antivirus Antivir Personal Edition Classic :

    ->https://www.malekal.com/avira-free-security-antivirus-gratuit/

    https://www.avira.com/en/prime

    http://mickael.barroux.free.fr/securite/antivir.php
    http://speedweb1.free.fr/frames2.php?page=tuto5
    <- tutoriel configuration du scanner...

    une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
    puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
    coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
    puis sur la droite coche les case suivantes :
    scan boot sectors of selected drives
    scan master boot sectors
    scan memory
    search foe rootkit before scan
    decoche :
    ignore off line files
    toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level

    tu peux me poster son rapport apres scan si tu le desir, car apres installation il va te demander si tu veux performer un scan complet de ta machine, ce que je te conseille vivement de faire (connaissant avast...)

    @+
    0
  8. ACI
     
    Bonsoir
    j'ai chargé antivir et fait un scan comme tu le préconisais: un virus trojan a été trouvé et a été mis en quarantaine
    je te copie le rapport:

    AntiVir PersonalEdition Classic
    Report file date: jeudi 6 mars 2008 21:42

    Scanning for 1136109 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (plain) [6.0.6000]
    Username: SYSTEM
    Computer name: PC-DE-BARBARA

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:16:39
    ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 24/02/2008 20:16:39
    ANTIVIR3.VDF : 7.0.2.245 216576 Bytes 06/03/2008 20:16:39
    AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 06/03/2008 20:16:46
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/03/2008 20:16:59
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: jeudi 6 mars 2008 21:42

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
    Scan process 'ieuser.exe' - '1' Module(s) have been scanned
    Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
    Scan process 'CPSHelpRunner.exe' - '1' Module(s) have been scanned
    Scan process 'BTStackServer.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'quickset.exe' - '1' Module(s) have been scanned
    Scan process 'DLG.exe' - '1' Module(s) have been scanned
    Scan process 'BTTray.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
    Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'DSAgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'cfp.exe' - '1' Module(s) have been scanned
    Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
    Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
    Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'PCMService.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatchTray9.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'sttray.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'RoxMediaDB9.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
    Scan process 'XAudio.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'stacsv.exe' - '1' Module(s) have been scanned
    Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatch9.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
    Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
    Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    75 processes with 75 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '21' files ).

    Starting the file scan:

    Begin scan in 'C:\' <OS>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\SSV\Supssv.bat
    [DETECTION] Contains suspicious code HEUR/Trojan.DIRKiller
    [INFO] The file was moved to '48405b63.qua'!
    Begin scan in 'D:\' <RECOVERY>

    End of the scan: jeudi 6 mars 2008 22:20
    Used time: 38:11 min

    The scan has been done completely.

    14665 Scanning directories
    372505 Files were scanned
    0 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    372505 Files not concerned
    1657 Archives were scanned
    2 Warnings
    0 Notes

    j'ai enlevé avast est ce que je dois enlever spybot aussi comme j'ai mis spywareblaster?
    j'ai aussi chargé comodo mais je trouve ça casse pied parce qu'il se manifeste sans arrêt

    comment fait on pour supprimer un virus mis en quarantaine et est ce que ça suffira vu que c'est un trojan?

    @ +
    Ps: désolée mais visiblement c'est pas encore fini, avast est vraiment nul!!!
    0
  9. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut aci,

    oui tu as bien fais de remplacer avast par antivir ;-)

    gardes spybot et son tea timer il complete spywareblaster.

    oui c´est normal que le par feu te casse les pieds au debut mais avec le temps quand tu auras crés des regles pour tes applications il se fera oublier...

    pour supprimer le trojan en quarantaine tu click sur l´icone d´antivir dans la barre des taches dans la fenetre du programme tu click sur l´onglet quarantaine, puis dans la liste tu click sur le fichier infecté et puis sur l´icone poubelle...

    Ps: désolée mais visiblement c'est pas encore fini, avast est vraiment nul!!! < tu veux dire quoi par ceci ? antivir te detecte autre chose?

    @+
    0
  10. aci
     
    salut!

    non non, je te rassure antivir n'a plus rien détecté

    je te remercie encore pour ton aide
    je ne te dis pas à bientôt!
    0
  11. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok tres bien aci,

    de rien ;-)

    bonne continuation`

    bye`
    0