Se connecter / S'enregistrer
Votre question

5 menaces détectées

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
21 Novembre 2007 23:00:18

Bonsoir,

Suite à une alerte sécurité, j'ai téléchargé spyware doctor qui m'a détecté 67 anomalies.
Après ad-adware 2007 et Spybot search and destroy 5 menaces persistent:

Trojan-Proxy Ranky
Adware.Maxifiles
Aware.2020search_com
Adware component.toolbars
Dialer.Carpe_Diem

Pouvez vous m'aider a me débarrasser de ces menaces.

Merci d'avance,
Valérie

Autres pages sur : menaces detectees

22 Novembre 2007 18:15:18

Bonsoir,

Merci de répondre aussi vite.
Voici le rapport de scan HiJackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:13:02, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\pointsoft\lanceur.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\VALERIE\Mes documents\Nouveau dossier\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Program Files\Corel\Print House Magic\cffrem.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/acti...
O17 - HKLM\System\CCS\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{55C98ED5-D87C-4BA1-9D93-7C6384BB79C6}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 21025 bytes

Valérie
Contenus similaires
Pas de réponse à votre question ? Demandez !
22 Novembre 2007 23:17:24

Re


Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
23 Novembre 2007 19:30:18

bonsoir,
Voici le rapport Combofix

ComboFix 07-11-19.3 - VALERIE 2007-11-23 19:16:05.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.525 [GMT 1:00]
Running from: C:\Documents and Settings\VALERIE\Mes documents\Nouveau dossier\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-23 to 2007-11-23 ))))))))))))))))))))))))))))))))))))
.

2007-11-20 21:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-19 20:56 <REP> d-------- C:\Program Files\Lavasoft
2007-11-19 20:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-19 20:55 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-17 13:40 164 --a------ C:\install.dat
2007-11-17 13:25 <REP> d-------- C:\Documents and Settings\Océane\Application Data\PCToolsFirewallPlus
2007-11-17 07:52 <REP> d-------- C:\Documents and Settings\VALERIE\Application Data\PCToolsFirewallPlus
2007-11-16 22:53 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-16 21:59 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-16 21:59 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-16 21:59 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-16 21:59 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-16 21:58 <REP> d-------- C:\Program Files\Spyware Doctor
2007-11-16 21:58 <REP> d-------- C:\Documents and Settings\VALERIE\Application Data\PC Tools
2007-11-16 21:58 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-16 22:13 --------- d-----w C:\Documents and Settings\VALERIE\Application Data\uTorrent
2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-22 19:41 --------- d-----w C:\Program Files\Electronic Arts
2007-10-22 19:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-10-21 22:01 --------- d-----w C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g
2007-10-21 22:01 --------- d-----w C:\Program Files\EA GAMES
2007-10-18 16:36 --------- d-----w C:\Program Files\Neuf
2007-10-15 17:09 --------- d-----w C:\Program Files\eoRezo
2007-10-15 17:09 --------- d-----w C:\Documents and Settings\VALERIE\Application Data\EoRezo
2007-10-14 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
2007-10-14 13:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-14 13:55 --------- d-----w C:\Program Files\Mindscape
2007-10-14 09:25 --------- d-----w C:\Documents and Settings\Océane\Application Data\vlc
2007-10-03 17:18 --------- d-----w C:\Program Files\Mattel Interactive
2007-09-24 19:48 --------- d-----w C:\Program Files\Java
2007-09-23 14:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-23 14:21 --------- d-----w C:\Documents and Settings\VALERIE\Application Data\AdobeUM
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-09-02 17:33 8 ----a-w C:\Documents and Settings\VALERIE\.bztarotcumul.dat
2007-01-23 19:19 112,112 ----a-w C:\Documents and Settings\VALERIE\Application Data\GDIPFONTCACHEV1.DAT
2005-06-02 16:28 22,606,384 ----a-w C:\Program Files\AdbeRdr70_fra_full.exe
2005-06-02 16:22 7,043,504 ----a-w C:\Program Files\psa2011se_fre.exe
2005-06-02 16:19 494,704 ----a-w C:\Program Files\ytb01_efgsip.exe
2005-06-02 16:17 534,112 ----a-w C:\Program Files\psa2011_ytb01_DLM_fra_full.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-12 19:54]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 17:07]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-20 18:06]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2007-09-14 18:06]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"="" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-30 20:49]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]
"RegistryMechanic"="" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09]

C:\Documents and Settings\VALERIE\Menu D‚marrer\Programmes\D‚marrage\
Lanceur Pointsoft.lnk - C:\pointsoft\lanceur.exe [2001-02-06 15:54:24]
WKCALREM.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2002-06-26 18:57:40]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Corel Family & Friends Reminders.LNK - C:\Program Files\Corel\Print House Magic\cffrem.exe [2005-02-25 15:08:41]
Hyperappel de l'Encyclop‚die Universelle Larousse.lnk - C:\Program Files\Larousse\Encyclop‚die Universelle Larousse\bin\hyperappel.exe [2004-12-12 22:21:49]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-12 19:54:38]
Microsoft Office.lnk - C:\Program Files\microsoft office\Office\OSA9.EXE [2000-01-21 09:15:56]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-01-09 00:13:19]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

R1 ATMhelpr;ATMhelpr;C:\WINDOWS\system32\drivers\ATMhelpr.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 naecd;naecd;\??\C:\DOCUME~1\VALERIE\LOCALS~1\Temp\naecd.sys
S3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 19:18:39
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-23 19:19:43
.
--- E O F ---

et le rapport Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29:00, on 23/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\pointsoft\lanceur.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\VALERIE\Mes documents\Nouveau dossier\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3444849656-3643800128-3213346944-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Océane')
O4 - HKUS\S-1-5-21-3444849656-3643800128-3213346944-1009\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Océane')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Program Files\Corel\Print House Magic\cffrem.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/acti...
O17 - HKLM\System\CCS\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{55C98ED5-D87C-4BA1-9D93-7C6384BB79C6}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{201A9E58-795B-43DB-A842-EFF8A84B818C}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 21690 bytes

Valérie
23 Novembre 2007 22:50:05

Re

Relance un scan HijackThis et coche les lignes ci-dessous :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3444849656-3643800128-3213346944-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Océane')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O18 - Protocol: bw+0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {239A7D7B-9A5B-4491-9A90-B542F5C09686} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse le sur ton bureau
Double-clic sur clean qui se trouve dans le dossier clean.
Choisis l'option 1
Un rapport va etre généré, colle le contenu entier ici.
24 Novembre 2007 21:02:24

Bonsoir,
Voici le rapport clean

24/11/2007 a 20:37:01,26

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !

Valerie
24 Novembre 2007 21:51:36

Bien.


Relance clean mais choisis cette fois l'option 2
Enregistre le rapport une fois le scan terminé
Poste le rapport qui se trouve ici C:\rapport_clean.txt.
25 Novembre 2007 22:55:30

bonsoir,

Voici le rapport obte,u avec l'option 2

Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 25/11/2007 a 22:20:07,82

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\Viewpoint\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Valérie


27 Novembre 2007 06:26:20

Bonlour,

Voii enfin le rapport Kapersky

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, November 27, 2007 6:15:18 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 27/11/2007
Enregistrements dans la base antivirus Kaspersky : 436868
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Statistiques de l'analyse:
Total d'objets analysés: 145448
Nombre de virus trouvés: 1
Nombre d'objets infectés: 4 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:29:25

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Application Data\Sun\Java\Deployment\cache\6.0\32\7836d960-368dc1a4/BnnnnBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré
C:\Documents and Settings\VALERIE\Application Data\Sun\Java\Deployment\cache\6.0\32\7836d960-368dc1a4/VaannnaaBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré
C:\Documents and Settings\VALERIE\Application Data\Sun\Java\Deployment\cache\6.0\32\7836d960-368dc1a4/Bnnnnn.class Infecté : Trojan.Java.ClassLoader.as ignoré
C:\Documents and Settings\VALERIE\Application Data\Sun\Java\Deployment\cache\6.0\32\7836d960-368dc1a4 ZIP: infecté - 3 ignoré
C:\Documents and Settings\VALERIE\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\Working\database_D8AC_D3D6_ACD3_ACEE\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\Working\database_D8AC_D3D6_ACD3_ACEE\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\Working\database_D8AC_D3D6_ACD3_ACEE\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Messenger\marocval@hotmail.fr\SharingMetadata\Working\database_D8AC_D3D6_ACD3_ACEE\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Windows Live Contacts\marocval@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Application Data\Microsoft\Windows Live Contacts\marocval@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Historique\History.IE5\MSHist012007111920071126\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Historique\History.IE5\MSHist012007112620071127\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temp\Perflib_Perfdata_268.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temp\~DF777E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temp\~DF7819.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temp\~DFD1C2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temp\~DFD1D3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\VALERIE\UserData\index.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\L0000155.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\VALERIE\Data\storydb.idx L'objet est verrouillé ignoré
C:\ProgramData\Electronic Arts\EADM\cache\logs\Core.html L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP734\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_498.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.

Valérie
27 Novembre 2007 15:58:14

Bonjour


Supprime ceci
C:\Documents and Settings\VALERIE\Application Data\Sun\Java\Deployment\cache\6.0\32\7836d960-368dc1a4


As tu encore ces alertes ?
27 Novembre 2007 23:02:57

Bonsoir,
Spyware Doctor detecte désormais 7 menaces

Trojan-Proxy Ranky
Adware.Maxifiles
Aware.2020search_com
Adware component.toolbars
Dialer.Carpe_Diem
Trojan PWS.Tanspy
Trojan.Generic

c'est désepérant.
Valérie
27 Novembre 2007 23:33:04

Re


Donne moi la localisation de ces infections.
28 Novembre 2007 00:55:51

Ok, je recopie le rapport car impossible de le copier

Trojan-Proxy Ranky

fichier:
c:/divtools/unzipsfx.exe
Valeur de registre à réparer:
hkey_users/s_15_21_3444849656_3643800128_3213346944_1008/software/microsoftwindows/currentversion/expl.../Advanced,hidefileext

Adware.Maxifiles

fichier:
c/document nd setting/valerie/mes docs/valerie/etim/fibrociment.doc

Valeur de registre à réparer:
hkey-users/s-15-21-3444849656-3643800128-3213346944-1008/software/microsoft/internet explorer/main/featurecontrol/feature_local_machine_lockdown,iexplore exe

hkey_users/s-1-5-18/software/microsoft/internet explorer/main/featurecontrol/feature_local_machine_lockdown,iexplore exe

Aware.2020search_com

Fichier:
c:/system VolumeInformation/_retore(171238cc-feb5-4605-9ea9-b441ebd3d66d)/rp710/a010990.dll

Valeur de registre:
hkey_classes_root/pbfrv2.pbfvr2,(default)
hkey_classes_root/pbfrv2.pbfvr2/clisd,(default)
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d),(default)
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)/inproserver32,(default)
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)/inproserver32,threadingmodel
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)/progID,(default)

Cle de registre:
hkey_classes_root/pbfrv2.pbfvr2
hkey_classes_root/pbfrv2.pbfvr2/clisd
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)
hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)/inproserver32

hkey_local_machine/software/classes/clsid/(4eb7bd74f-2b8d-469e-a0es-ed6ab685fa7d)/progID

Adware component.toolbars
Valeur registre:
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2,barid
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2;installtime
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2,lastleft
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2,lastconfigdown
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2,setuplnit
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi0
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi1
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi2
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi3
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi4
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearchi5

Cle de registre:
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history/combosearch
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2/history
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar/pbfrv2
hkey_users/s-1-5-21-344849656-3643800128-3213346944-1008/software/dynamic toolbar
Dialer.Carpe_Diem

Valeur registre:
hkey_user/s-1-5-21-344849656-364380012832133446944-1008/software/microsoft/systemcertificates/trustedpublisher/certfic.../EC77857721E7DFB88A5881AA4BB23151D82DE208,blob
cle registre:
hkey_user/s-1-5-21-344849656-364380012832133446944-1008/software/microsoft/systemcertificates/trustedpublisher/certfic.../EC77857721E7DFB88A5881AA4BB23151D82DE208
Trojan PWS.Tanspy
Cle de registre:
hkey_local_machine/software/microsoftwindows/current/version/control PaneNoad
Trojan.Generic
Clé de registre:
hkey_user/s-1-5-21-344849656-364380012832133446944-1008/software/wget

En paralèle, j'ai fais un scan avast et mis en quarantaine le dossier suivant:
c:/system VolumeInformation/_retore(171238cc-feb5-4605-9ea9-b441ebd3d66d)/rp710
et
c:/windows/system32

Faut il les suppimer?
Merci,
Valerie


28 Novembre 2007 11:50:36

Bonjour


Télécharge AVG Anti-Spyware
http://www.ewido.net/en/download/
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

Poste le.
20 Février 2008 22:46:04

Bonsoir,
Me revoila apres demenagement et changement de connexion.
Ci dessous le rapport
AGV anti-spyware
Merci
-------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 22:42:31 20/02/2008

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3444849656-3643800128-3213346944-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\VALERIE\Cookies\valerie@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@www.adobe[2].txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@www.belstat[1].txt -> TrackingCookie.Belstat : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@adopt.euroclick[3].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\VALERIE\Cookies\valerie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS