Forums Zebulon.fr: Bureau bloqué et PSGUARD - Forums Zebulon.fr

Salut,
J'espere que tu pourra faire ces mainpulation:

1- Copier la citation ci-dessous dans un fichier fix.txt (bloc notes) l’enregistrer sous c:\ puis changer l’extension en fix.reg

Citation

2-Démarrer le logiciel HijackThis et lancer un scan "Do a system scan only".
Puis cocher les lignes suivantes (dans HijackThis):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=37794
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=37794
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=37794
O2 - BHO: HomepageBHO - {3bf1f86f-b1a8-489b-8d8b-43781d51411f} - C:\WINDOWS\system32\hp65FD.tmp (file missing)
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll
O20 - Winlogon Notify: st3i - C:\WINDOWS\q3422406.dll


Fermer toutes les fenêtres Windows, Internet explorer, Outlook,…sauf le logiciel Hijackthis et cliquer sur « Fix checked »

Redémarrer en mode sans echec (appuyer sur F8 ou F5 lors du démarrage)

3-Double cliquer sur fix.reg / OK / fusionner /

4-Ensuite aller dans l’ Explorateur Windows et afficher tous les fichiers cachés:
Dans une fenêtre de l'explorateur Windows, cliquez sur le menu "Outils" et choisissez "Options des dossiers...".
Affichez l'onglet "Affichage" et sélectionnez l'option "Afficher les fichiers et dossiers cachés"

Cliquer sur « Appliquer ». Fermer la fenêtre d'options en cliquant "OK".
En image ici

et supprimer les fichiers ci dessous si ils sont présent :


C:\WINDOWS\system32\hp65FD.tmp
C:\Program Files\Security Toolbar\
C:\WINDOWS\system32\st3.dll
C:\WINDOWS\q3422406.dll
C\temp\ <-- supprimer tout le contenu du dossier
C:\windows\temp\ <-- supprimer tout le contenu du dossier
C:\windows\Downloaded Program Files\ <-- supprimer tout le contenu du dossier
C:\Documents and settings\Tous les identifiants\application data\Sun\Java\Deployment\cache\javapi1.0\jar\ <-- supprimer tout le contenu du dossier
C:\Documents and Settings\Tous les identifiants\Local Settings\Temp\ <-- supprimer tout le contenu du dossier
C:\Documents and Settings\ Tous les identifiants\Local Settings\Temporary Internet Files\ <-- supprimer tout le contenu du dossier
Fichier temporaire internet:
Démarrer/panneau de configuration/options internet
--> button supprimer cookies
--> button supprimer fichier temporaire internet
Fichiers temporaries : Démarrer/exécuter " CleanMgr "
Cocher tout sauf :
Compression des fichiers non utilisés
Fichiers catalogue d’indexation du contenu
/ OK / OUI

Dans l'Explorateur Windows recacher les fichiers systeme afin de ne pas faire d'erreur a l'avenir:
Retournez à la fenêtre <Paramètres de dossier> et sélectionnez <Ne pas afficher les fichiers cachés ou les fichiers système>.

Redémarrer normalement,

5-Télécharge SmitfraudFix de S!Ri, moe31 et balltrap34 ( http://siri.urz.free...mitfraudFix.zip ) :

Citation

6- Télécharger et exécuter: http://www.silentrun...t%20Runners.vbs
Puis copier ici le rapport.

7-Puis revenir mettre un rapport Hijackthis

Salut,
j'ai bien appliqué les conseils de BipBip07.
Quelques problèmes : comme je n'ai accès qu'à l'invite de commande, je n'ai pas accès aux fichiers cachés et je n'ai donc pas pu toucher aux fichiers contenus dans documents and settings. De plus, je n'ai pu lancer silent runner depuis cette invite.
Tout le reste, je l'ai fait. Voici les rapports Smitfraudfix et Hijackthis :

SmitFraudFix v1.92

Rapport fait à 16:40:16,48 le 01/11/2005
Executé à partir de F:\
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\J\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\J\Bureau


»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport



Logfile of HijackThis v1.99.1
Scan saved at 16:58:35, on 01/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\RegistryController.exe"
O4 - HKLM\..\Run: [SSPrnAgent] C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\IEShellExt.dll /300
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O17 - HKLM\System\CS1\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O17 - HKLM\System\CS2\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: eFilmProcessManagerNT - Unknown owner - C:\Program Files\Merge eFilm\eFilm\efPMNT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAcc - Unknown owner - C:\Program Files\Merge eFilm\eFilm\SCSIACC.EXE


Mon ordinateur n'est toujours pas accessible sous windows : la flèche bouge mais je ne peux double cliquer sur aucune icône. Le menu démarrer est inaccessible.
Merci de votre aide.

J'ai maintenant accès au bureau de windows XP et je peux ouvrir les différents fichiers.
J'en ai profité pour réaliser toutes les opérations qui m'avaient été conseillées et de réalisation impossible sous l'invite de commande.
Le problème est mainteant le fon d'écran. Lorsque j'ai voulu modifier le fond d'écran bleu avec un papier peint internet explorer, il est devenu blanc et plus modifiable. J'en déduis que tout n'est pas réparé. Mais je dois avouer que je remercie tout le monde et particulièrement bipbip car j'ai maintenant accès à mes fichers dont la perte aurait été pénible.
J'ai fait une analyse antivir et un rapport hijackthis, que je vous soumet.


Creation date of the report file: mardi 1 novembre 2005 18:18

AntiVir®/XP (2000 + NT) PersonalEdition Classic
Build 1111 of 18.10.2005
Mainprogram 6.32.00.50 of 13.10.2005
VDF file 6.32.10.8 (0) of 24.10.2005


This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.


Scanning for 236506 virus strains and unwanted programs.

Licensed for: AntiVir Personal Edition
Serial number: 0000149991-WURGE-0001

Please enter the workstation and
contact name with phone number in this form:

Name ___________________________________________

Street ___________________________________________

Town ___________________________________________

Phone/Fax ___________________________________________

Email ___________________________________________

Platform: Windows NT Workstation
Windows version: 5.1 Build 2600 (Service Pack 2)
Username: J
Processor: Pentium
Working memory: 785412 KB free

Version information:
AVWIN.DLL : 6.32.00.50 561192 13.10.2005 16:32:14
AVEWIN32.DLL : 6.32.0.57 954880 14.10.2005 15:08:24
AVGNT.EXE : 6.32.00.02 180327 14.10.2005 12:32:02
AVGUARD.EXE : 6.32.00.12 208424 17.10.2005 08:35:12
GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:10
AVGCMSG.DLL : 6.32.00.01 295029 13.10.2005 16:32:14
AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16
AVPACK32.DLL : 6.32.00.02 319528 18.10.2005 11:57:30
AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20
AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 17:10:22
AVSched32.EXE : 6.32.00.01 110632 20.09.2005 14:16:24
AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:10
AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50
AVRep.DLL : 6.32.00.111 1441832 24.10.2005 16:36:46
INETUPD.EXE : 6.32.00.52 262203 17.10.2005 15:46:14
INETUPD.DLL : 6.32.00.52 143360 17.10.2005 15:46:14
CTL3D32.DLL : 2.31.000 27136 18.09.2002 16:22:38
MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 00:09:30
MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408
MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 00:09:34
CTL3DV2.DLL : No information

Configuration file:

Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown

Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report

Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information

Abridge report file:
[ ] Abridge report file

Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged

Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100

Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[X] All files
[ ] Program files

Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm

Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore

Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date

Drag&drop settings:
[X] Scan subdirectories

Profile settings:
[X] Scan subdirectories

Archive options
[X] Search archive
[X] Archive types to leave out
1000 1001 1002

Miscellaneous options:
Temporary path: %TEMP% -> C:\DOCUME~1\J\LOCALS~1\Temp
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[ ] Load AVWin®/NT Guard on System start

General settings:
[X] Save options on exiting AntiVir
Priority: medium

Drives:
A: Floppy drive
C: Hard disk
D: CD-ROM
E: CD-ROM

Start of scan: mardi 1 novembre 2005 18:18

Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK


Access denied! Error during file opening!
Error code: 0x0002
C:\

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\DELL

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images

WARNING! Access error/file locked!
C:\Documents and Settings\J
NTUSER.DAT
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
ntuser.dat.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Bureau

WARNING! Access error/file locked!
C:\Documents and Settings\J\Local Settings\Application Data\Microsoft\Windows
UsrClass.dat
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
UsrClass.dat.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\J\Local Settings\Temp
~DF2EB6.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~DF2FEF.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~WRS0002.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Clips

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\48553

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\icones

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\docklets\RecycleBin\icons

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\icons

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\themes\Default

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Clipping

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Devices

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Dock

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Folders

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Locations

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Network

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Toolbar

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Toolbar\Toolbar _ Computer

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Applications

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Drives

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Folders

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Misc

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Online

WARNING! Access error/file locked!
C:\Documents and Settings\J\Mes documents\Incoming\Programs ppc\utilitaires\PPC UTILS\COMPAQ PATCHES_MANUALS
SP19258upgrade guide.exe
ArchiveType: CAB SFX (self extracting)
--> \Pocket PC 2002 Reference Guide.pdf
NOTE! Invalid compressed data
SP20130 2002 EUU1.exe
ArchiveType: CAB SFX (self extracting)
--> \SP20130\USA\PPCEUU1.cab
ArchiveType: CAB (Microsoft)
--> coreapps.003
NOTE! Invalid compressed data
--> 0000sync.002
NOTE! Invalid compressed data
--> browsing.001
NOTE! Invalid compressed data
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\ADMINISTRATION

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\Mutuelle

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\anatomie\cerebral

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\anatomie\cou larynx

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale\Images

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale\KMD\Vésale\Images USB

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Cours HEGP

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\DEA

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Diffusion

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Dig

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Gynéco\Sein

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\DCIS

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Lymphome osseux primitif

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\thèse hypophyse

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress\Nouveau dossier

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress\Nouveau dossier\Nouveau dossier

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\RADIOPROTECTION

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\Sécu

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Jérôme\Sécu\Sécu

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Loulou

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Loulou\BackUp Louisa\Axa cession\30.09.02\technique\note pool_fichiers

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Babylone by bus

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Burnin'

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Catch a fire

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Confrontation

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Exodus

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Kaya

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Live

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Rastaman Vibration

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Survival

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Uprising

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\christina_aguilera_stripped

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Massive Attack - 100th Window

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Norah.Jones.Come.Away.With.Me

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\oriental

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\STING

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Beatles - 1697-1970

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Beatles - 1962-1966

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Lord of the Rings- The Return of the King

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mariage\faire part

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mariage\faire part\2004-02 (févr.)

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mariage\Plans de tables

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mariage\robes

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Disney 12-04

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Divers

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Divers\Nouvelle Orléans

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\grande photos mum

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\henne bis

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\Nouveau dossier

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\petites photos henné

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\photos moyennes mum

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Henné\photos petites mum

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Londres 2005

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\19-06-04

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\mariagej&l-1

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\Mariagej&l-2

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\mémé photos

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\mémé photos\henne bis

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photo jeanette

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos marseille

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos mouss

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos nadia

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos rachid

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\PY\FormatNumerique

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Norvège\au travail

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Norvège\plage et fjord

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\PHOTOS

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\PHOTOS\Hernigou

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Photos à trier

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Seychelles 2005

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\J\Mes documents\Mes images\Vienne 2005

WARNING! Access error/file locked!
C:\Documents and Settings\NetworkService
NTUSER.DAT
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
ntuser.dat.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows
UsrClass.dat
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
UsrClass.dat.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\My Shared Folder

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\Ahead\Nero ShowTime\Skins

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\eChanblard\Incoming\Mano.Negra.-.Patchanka.-.[Mpc.HQ].by.Beto\Patchanka\Extra

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\eChanblard\skins

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\eChanblard\webserver

WARNING! Access error/file locked!
C:\Program Files\Free.fr\Dialer
Dialer.exe
[DETECTION] Contains signature of the dial-up program DIAL/Generic
WAS DELETED!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\Winamp\Skins\Winamp Modern\shade

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002
C:\Program Files\Winamp\Skins\Winamp Modern\window

WARNING! Access error/file locked!
C:\Program Files\WinRAR
rarnew.dat
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
Error! Could not change directory: System Volume Information
C:\WINDOWS\system32
Process.exe
[DETECTION] Contains signature of the SPR/Processor.20 program
WAS DELETED!
C:\WINDOWS\system32\config
default
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
default.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system.LOG
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!


Access denied! Error during file opening!
Error code: 0x0002
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images

WARNING! Access error/file locked!

End of scan: mardi 1 novembre 2005 19:39
Time taken: 80:52 min


6409 directories were scanned
123472 files were scanned
136 warning messages were issued
2 files were deleted
0 files were repaired
2 detections



Logfile of HijackThis v1.99.1
Scan saved at 19:47:44, on 01/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HighJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\RegistryController.exe"
O4 - HKLM\..\Run: [SSPrnAgent] C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\IEShellExt.dll /300
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O17 - HKLM\System\CS1\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O17 - HKLM\System\CS2\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: eFilmProcessManagerNT - Unknown owner - C:\Program Files\Merge eFilm\eFilm\efPMNT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAcc - Unknown owner - C:\Program Files\Merge eFilm\eFilm\SCSIACC.EXE


Merci d'avance.

Bonsoir,
Maintenant que tu as acces au PC fait ceci:

vas dans ma signature consignes de sécurité et installer Adaware, Spybot,Easycleaner(registre uniquement), et Ccleaner
Ensuite en mode sans echec de préférence passe tout ces utilitaires,

Puis,
Demarrer > panneau de configuration > affichage > bureau >
ensuite remet un fond d'écran

> personnalisation du bureau
onglet web
supprime tout ce qui se touve là, sauf ma page d'acceuil que tu laissera décochée.

Redémarrer normalement,

Faire un scan en ligne chez Ravantivirus(mettre un fausse adresse email ou une adresse hotmail):
http://www.ravantivirus.com/scan/
jusqu'à ce que "ready to scan" apparaisse
cela doit se présenter comme ceci http://img272.echo.c...7830/rav0gh.jpg
Tu cliques ensuite sur "scan my pc" (étape 3 de l'image)
A la fin du scan, qui peut prendre un certain temps, tu copies et colles le rapport ici

Ou celui la
PANDA si tu n'y arrive pas : tutorial

Hello
J'ai fait tout ce que tu m'avais conseillé.
Tout semble fonctionner correctement.
A noter, à la fin de l'application de spybot, j'ai remarqué une bande grisée en haut du bureau (qui était alors en blanc eet ce depuis que j'avais à nouveau accès au bureau). En approchant la souris, une croix est apparue en haut à droite du genre "fermer". J'ai appuyé dessus et le fond d'écran par défaut de windows (collines verdoyantes) est alors apparu.
Je peux dorénavant changer de fond d'écran.
J'ai appliqué Panda qui retrouve un spyware et c'est tout. Par contre, il ne me le supprime pas. Je l'ai fait manuellement mais je le laisse dans ma poubelle graignant de faire une bêtise.
Ci-joint le rapport.
Encore merci de votre aide à tous.
Merci de me dire si je dois considérer que mon ordinateur est enfin "guéri". Quels sont vos conseils pour la suite ?

Vide la corbeille.

Il est dommage que tu ne nous ai pas mis le resultat du scan de PAda pour que nous voyons par nous meme ce malware ! Trop tard

Sinon apparament tu n'as pas de firewall. Tu en trouvera un gratuit dans ma signature "consignes de sécurité"
@+

Désolé
j'ai oublié de vous coller le rapport panda dans mon dernier post, et bien sûr je l'ai effacé.
Quoi qu'il en soit,il ne s'agissait que d'un spyware, niveau de menace "low" d'après Panda. Il correspondait à un raccourci dans le menu démarrer avec un nom du genre "windows security...".
En ce qui concerne mon firewall, j'utilise celui d'XP. Si il est insuffisant, j'en installerai un autre.

Encore Merci

Salut,
Oui le firewall de XP est trés insuffisant. Donc intalle un vrai Firewall et désactive celui de XP alors devenu inutile.
A+