guillaume775

  1. Thank you, I couldn't find it, it must be the tiredness. Bye!!
  2. Thank you for your advice. I'll try tomorrow to put "resolved" in the topic because I can't manage to do it!! See you later
  3. All good, I no longer have any problem!!! Thank you for your help and your kindness. This problem is really very long and very complicated to solve!! I hope I won't have to talk to you again next time, which will mean my PC is working perfectly. See you later, and thanks again
  4. Apparently it works very well; I restarted the PC several times. It keeps my start page in memory and no longer shows me popups with "only the best" as the title. I would still like to know whether I should delete anything following the ActiveScan report. In any case, thank you very much for your patience and your help. Fortunately there are experienced Internet users to help novices like me!!!!!
  5. HouseCall finds no infection. ActiveScan report: HijackThis log: I await your precious help!!
  6. Hello again. I'm managing to run the scans; I'll post the reports as soon as it's finished
  7. Here I am again. I did fix all the indicated lines with HijackThis, but I can't manage to run the scans with HouseCall and ActiveScan. They tell me it's impossible!! Yet I disabled everything (Norton, firewall). Anyway, here is my latest log all the same. I'm waiting for your reply. Thank you for your patience
  8. I did everything you told me to do. Here are the logs: HijackThis: SPSeHjfix log: Ewido log: I await your precious advice. What should I do now? I also have something strange. None of the Internet Explorer icons work any more. I have to type the addresses in the address bar of any file at all!!! Thank you for your help
  9. Here is my new log. Thanks in advance for your help

Logfile of HijackThis v1.99.1
Scan saved at 19:24:20, on 03/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\apidy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\system32\sysvf.exe
C:\PROGRA~1\ULTIMA~1.7\uzip.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {93818BC9-D266-1EB9-EDFE-1C682654EE66} - C:\WINDOWS\atlom.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [apidy.exe] C:\WINDOWS\apidy.exe
O4 - HKLM\..\RunOnce: [ntbt32.exe] C:\WINDOWS\ntbt32.exe
O4 - HKLM\..\RunOnce: [sysvf.exe] C:\WINDOWS\system32\sysvf.exe
O4 - HKLM\..\RunOnce: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\winlb.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
  10. Thank you for your advice, I will do all of that and post my log again
  11. Hello everyone, I have recently picked up a rather annoying sort of virus. It no longer accepts my home page and puts about:blank in its place. In addition, pop-ups appear from time to time. Finally, it adds favorites all by itself. I looked around the forum a bit and some of you know how to analyze logs to see where the problem comes from. Could you please analyze mine and tell me exactly what I need to do to get rid of this virus? Because of this, I can no longer let my children go online, sex pop-ups are appearing!!! Thank you for your help. My log is below

Logfile of HijackThis v1.98.2
Scan saved at 18:19:12, on 03/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\ntbt32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\apidy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\pmrhw.dll/sp.html#83556
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {93818BC9-D266-1EB9-EDFE-1C682654EE66} - C:\WINDOWS\atlom.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [apidy.exe] C:\WINDOWS\apidy.exe
O4 - HKLM\..\RunOnce: [ntbt32.exe] C:\WINDOWS\ntbt32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll