

Liloute
Everything posted by Liloute
Here is my HijackThis report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Hi Tornado, hi again pitcat. So I followed Jack burton's procedure, ran Lopremover, then reinstalled MSN Plus without the sponsor... Here is the report made with HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 15:19:40, on 10/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ATI-CPanel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Documents and Settings\Chantal\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

This one is still there:
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

If the only solution is to uninstall MSN+ and not put it back, OK, tell me and I'll do it. Thanks to you both.
Here is my HijackThis report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

OK, I'm doing it now. So here it is, after uninstalling and reinstalling without the sponsor:

Logfile of HijackThis v1.99.1
Scan saved at 12:12:49, on 10/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ATI-CPanel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Documents and Settings\Chantal\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Nothing has changed at first sight lol
Here is my HijackThis report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Thanks for your reply; apparently, yes... it's there... I'm waiting for the specialists' blessing before following the procedure indicated, and also for the few lines to fix, since only 3 are identical to the ones in your link for MessengerPlus.
I'm posting my HijackThis report (after following your steps with Antivir and everything); please tell me if my PC has been hijacked.

Logfile of HijackThis v1.99.1
Scan saved at 11:12:48, on 10/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ATI-CPanel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Chantal\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Many thanks for the reply. Well, she did the steps and: services.msc: "the service does not start in safe mode"; Print, Fat and windows network > "service not installed". Here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 23:59:29, on 09/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\winlogon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL instant messenger 7.0 (aol7.0) - Unknown owner - C:\windows\winlogon.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: windows virus scanner (windows antivirus) - Unknown owner - C:\windows\nav32.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Are you there?

I think I did it... I'll confirm tonight.

I don't know about you, but for me this tutorial has nothing to do with version 7... I actually pointed it out yesterday in another topic.
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Here is the report, copied and pasted from the contents of the Virus Log Information window (in safe mode):

File C:\windows\nav32.exe infected by "Backdoor.Win32.SdBot.xd" Virus. Action Taken: File Renamed.
File C:\windows\pskill.exe tagged as not-a-virus:RiskTool.Win32.PsKill.1101. No Action Taken.
File C:\windows\System32\i infected by "Trojan-Downloader.BAT.Ftp.ab" Virus. Action Taken: File Deleted.
File C:\windows\System32\8tv5vslh.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\windows\System32\643dajee.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\windows\System32\67jivb3k.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\windows\System32\od1p5mi4.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\8tv5vslh.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\643dajee.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\67jivb3k.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\od1p5mi4.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\pskill.exe tagged as not-a-virus:RiskTool.Win32.PsKill.1101. No Action Taken.
File C:\Sauve\Program Files\MySearch\bar\1.bin\S42NS.EXE tagged as not-a-virus:AdWare.Win32.MyWay.o. No Action Taken.
File C:\Documents and Settings\Utilisateur\Mes documents\?†?f???†?™ and Remember KiDs BED FOR SLEEP, NOT FOR PORN !_28_10_2005@4_36_24.wav infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Utilisateur\Mes documents\?†?f???†?™ and Remember KiDs BED FOR SLEEP, NOT FOR PORN !_28_10_2005@4_37_12.wav infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Utilisateur\Mes documents\?†?f???†?™ and Remember KiDs BED FOR SLEEP, NOT FOR PORN !_28_10_2005@4_39_07.wav infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Utilisateur\Mes documents\?†?f???†?™ and Remember KiDs BED's FOR SLEEP, NOT FOR PORN !_29_10_2005@20_50_19.wav infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP2\A0000053.exe infected by "Trojan-Downloader.Win32.Harnig.bb" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP4\A0001045.exe infected by "Trojan-Downloader.Win32.Harnig.bb" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP4\A0013987.dll tagged as not-a-virus:AdWare.Win32.Maxifiles.s. No Action Taken.
File C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP8\A0026152.exe tagged as not-a-virus:AdWare.Win32.SaveNow.bo. No Action Taken.
File C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP8\A0028210.exe infected by "Backdoor.Win32.SdBot.xd" Virus. Action Taken: File Renamed.
File C:\docs.exe infected by "Trojan-Downloader.Win32.Harnig.bb" Virus. Action Taken: File Deleted.

And the HijackThis report in normal mode:

Logfile of HijackThis v1.99.1
Scan saved at 22:53:34, on 08/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\windows\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing)
O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown ow
Hmmmm.... I'd like to make a report on my own PC (for a few days I've been posting my friend's reports), but I'm running into a small problem: I download Antivir, as you advise, I go into safe mode, but when I install it and want to configure it as shown in a tutorial you link to, nothing matches (the interface, the options, I can't find the menu shown in the picture at all; in short, nothing matches)!! What do I do? lol I think the tutorial was made for version 6 and that http://www.free-av.com/ only offers version 7. Thanks for helping me.
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

OK............. She's doing it now.... Thank you very much on her behalf in any case, it's very kind of you. See you in........ 15 minutes for the reports.
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares

Here are the reports. With RDrivRem in safe mode:

RDrivRem Log 2:45:52,64 08/02/2006
~~~~~~~~~~~~~ Pre-run File Check ~~~~~~~~~~~~~
~~~~~~~~~~~~~ Post run File Check ~~~~~~~~~~~~~

Ewido in normal mode (it won't start in safe mode):

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 03:58:21, 08/02/2006
+ Somme de contrôle: 7FFB2901
+ Résultats du scan:
HKLM\SOFTWARE\Classes\CLSID\{6E28339B-7A2A-47B6-AEB2-46BA53782359} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{6E28339B-7A2A-47B6-AEB2-46BA53782379} -> Logger.Small.cz : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ASHeuristic\pz[1]_exe.vir -> Proxy.Ranky.ek : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ASHeuristic\alc_exe.vir -> Proxy.Ranky.ek : Nettoyer et sauvegarder
:mozilla.46:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.47:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.254:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.255:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.151:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.152:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.153:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.205:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.377:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Adrevolver : Nettoyer et sauvegarder
:mozilla.378:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Adrevolver : Nettoyer et sauvegarder
:mozilla.379:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Adrevolver : Nettoyer et sauvegarder
:mozilla.382:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt -> TrackingCookie.Adrevolver : Nettoyer et sauvegarder
:mozilla.311:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.312:C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IBIZ2T45\pz[1].exe -> Proxy.Ranky.ek : Nettoyer et sauvegarder
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
:mozilla.55:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-3.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.254:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.447:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.448:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.449:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.450:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.286:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.457:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.458:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.459:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.460:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.55:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-4.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.55:C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-5.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016097.exe -> Backdoor.Aimbot.cc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016100.exe -> Backdoor.Aimbot.cc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0017086.EXE -> Backdoor.Aimbot.cc : Nettoyer et sauvegarder
C:\alc.exe -> Proxy.Ranky.ek : Nettoyer et sauvegarder
:mozilla.169:C:\FOUND.028\FILE0002.CHK -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.190:C:\FOUND.028\FILE0002.CHK -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.33:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.34:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.37:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.63:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.70:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
:mozilla.76:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Fastclick : Nettoyer et sauvegarder
:mozilla.84:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.107:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.109:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.171:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Pointroll : Nettoyer et sauvegarder
:mozilla.173:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder
:mozilla.174:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.175:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.176:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.179:C:\FOUND.038\FILE0000.CHK ->
TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.190:C:\FOUND.038\FILE0000.CHK -> TrackingCookie.Statcounter : Nettoyer et sauvegarder ::Fin du rapport Le scanActivescan avec Panda en ligne en mode normal: Incident Statut Analyse Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\pskill.exe Adware:adware/cws.searchmeup No Désinfecté C:\WINDOWS\uniq Adware:adware/dollarrevenue No Désinfecté C:\WINDOWS\drsmartload2.dat Spyware:Cookie/Xiti No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt[] Spyware:Cookie/Xiti No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt[] Spyware:Cookie/Xiti No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt[] Spyware:Cookie/Humanclick No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt[72914031] Spyware:Cookie/Com.com No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@image.checkmystats.com[2].txt Spyware:Cookie/TopRebates.com No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@www.toprebates[1].txt Spyware:Cookie/empnads No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@empnads[1].txt Spyware:Cookie/Advnt No Désinfecté C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@www.advnt01[1].txt Outil indésirable:Application/MyWay No Désinfecté C:\Sauve\Program Files\MySearch\bar\1.bin\S42NS.EXE Adware:adware/securityerror No Désinfecté C:\Documents and Settings\Utilisateur\Favoris\Antivirus Test Online.url Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Utilisateur\Bureau\SmitfraudFix.zip[Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Utilisateur\Bureau\SmitfraudFix\Process.exe Spyware:Cookie/Serving-sys No 
Désinfecté C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt[] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt[] Spyware:Cookie/Maxserving No Désinfecté C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-7.txt[] et un rapport Hijackthis en normal: Logfile of HijackThis v1.99.1 Scan saved at 10:50:30, on 08/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\windows\Explorer.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\windows\system32\inetdns.exe C:\docs.exe C:\docs.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: 
[TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - 
http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) -
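The HijackThis logs in this thread carry the classic signs of a compromised XP box: unknown processes running from the drive root (C:\docs.exe) and from system32 (inetdns.exe), a non-empty AppInit_DLLs value (sockspy.dll, repeated 14 times), a Winlogon Notify DLL that no longer exists, and a row of O23 services with "Unknown owner" whose binaries are missing, several of them named to look like real Windows services ("Print Spooler", "Remote Procedure Call (RPC) Locator"). The script below is an added example, not code from the thread or from HijackThis: it parses HijackThis 1.99 log lines and applies those triage rules. The KNOWN_WINDOWS_BINARIES allowlist and the rule names are assumptions chosen for this example, and the SAMPLE_LOG is a constructed excerpt of the 08/02/2006 log posted above with the AppInit_DLLs value shortened from 14 copies to 3. The output is a list of things to look at, not a verdict; an orphaned service still has to be confirmed in the registry before it is deleted.

```python
"""Triage a HijackThis 1.99 log: pull out the entries an analyst reads first.

Added example for this thread, not the forum's or HijackThis's own code.
The rules are triage heuristics (what to check next), not verdicts.
"""
import re
from collections import Counter

# Assumed allowlist: binaries that normally appear under %WINDIR% in an XP
# "Running processes" list. Anything else running from there, or from the
# drive root, is flagged for a closer look.
KNOWN_WINDOWS_BINARIES = {
    "smss.exe", "winlogon.exe", "services.exe", "lsass.exe", "svchost.exe",
    "spoolsv.exe", "explorer.exe", "ctfmon.exe", "wuauclt.exe", "soundman.exe",
}

ENTRY_RE = re.compile(r"^[A-Z]\d{1,2} - ")  # R0/O4/O23-style entry lines
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))? - "
    r"(?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.+)$")

# Constructed sample: lines copied from the 08/02/2006 log posted above,
# with the AppInit_DLLs value shortened from 14 repetitions to 3.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Scan saved at 10:50:30, on 08/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
Running processes:
C:\windows\System32\smss.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\system32\inetdns.exe
C:\docs.exe
C:\docs.exe
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
"""


def _check_process(path):
    """Flag a process running from the drive root, or an unknown name under
    the Windows directory (where inetdns.exe and docs.exe sat in the log)."""
    folder, _, exe = path.rpartition("\\")
    folder = folder.lower()
    at_root = re.fullmatch(r"[a-z]:", folder) is not None
    in_windir = folder.startswith("c:\\windows")
    if at_root or (in_windir and exe.lower() not in KNOWN_WINDOWS_BINARIES):
        return {"rule": "suspicious-process", "detail": path}
    return None


def _check_entry(line):
    """Apply the O23 / O20 / R3 rules to one HijackThis entry line."""
    m = O23_RE.match(line)
    if m:
        svc = m["name"] or m["display"]
        if m["owner"] == "Unknown owner" and m["missing"]:
            # Service registration left behind after its binary was removed:
            # a typical remnant, often named to mimic a real Windows service.
            return {"rule": "orphaned-unknown-service", "detail": f"{svc} -> {m['path']}"}
        if m["owner"] == "Unknown owner":
            return {"rule": "unknown-owner-service", "detail": f"{svc} -> {m['path']}"}
        return None
    m = APPINIT_RE.match(line)
    if m:
        # AppInit_DLLs is loaded into every process that maps user32.dll;
        # a clean system almost never has anything here. Count duplicates.
        return {"rule": "appinit-dlls", "detail": dict(Counter(m["dlls"].split()))}
    if line.startswith("O20 - Winlogon Notify:") and line.endswith("(file missing)"):
        return {"rule": "winlogon-notify-missing", "detail": line}
    if line == "R3 - Default URLSearchHook is missing":
        return {"rule": "urlsearchhook-missing", "detail": line}
    return None


def triage(log_text):
    """Return a list of {"rule", "detail"} findings for one HijackThis log."""
    findings, in_processes = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "Running processes:":
            in_processes = True
            continue
        if ENTRY_RE.match(line):  # first R/O entry ends the process list
            in_processes = False
        finding = _check_process(line) if in_processes else _check_entry(line)
        if finding:
            findings.append(finding)
    return findings


def summarize(findings):
    """Count findings per rule so the analyst sees the shape of the log."""
    return Counter(f["rule"] for f in findings)


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['rule']:26} {f['detail']}")
```

Run against the full log rather than the excerpt, the same rules pick up dfrgfat32.exe, spooler.exe and nvcr32.exe as orphaned services and both copies of docs.exe as running from the root; each hit is then confirmed by hand (services.msc, the Run keys, the AppInit_DLLs value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows) before anything is removed.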
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
OK... She's working on it now... See you soon with the 4 reports, then.
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
So: for the DOS command, the things to delete, she couldn't delete them: "this service is not installed"... for the ones to delete, there was nothing at the path to follow... then, for the lines to fix, only 3 were present in HijackThis. Here is the report in normal mode:

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
OK, she's doing all that right now, back in 10 minutes with the report!!
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
Here is the HijackThis report done in normal mode after following all your steps to the letter!

Logfile of HijackThis v1.99.1
Scan saved at 00:23:23, on 08/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
OK, she's doing it now... Back in 10 minutes with the HijackThis scan report!
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
No problem, I'll wait then.
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
What's your opinion?
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
So here it is:

Logfile of HijackThis v1.99.1
Scan saved at 18:49:55, on 07/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
O23 - Service: WinCon (wincon net driver) (WinCon) - Unknown owner - C:\WINDOWS\system32\wincon.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing)
-
My friend's scan report
Liloute replied to a topic by Liloute in Malware analysis and removal
Ugh, I hadn't seen your message, I'm sorry... but here is the Ewido one in normal mode:

ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 02:23:30, 07/02/2006
+ Checksum: B79478AA
+ Scan results:
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[2].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0017099.exe -> Hijacker.StartPage.ahg : Cleaned with backup
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016089.sys -> Backdoor.Haxdoor.fh : Cleaned with backup
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016090.sys -> Backdoor.Haxdoor.fh : Cleaned with backup
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016091.exe -> Hijacker.VB.kc : Cleaned with backup
C:\System Volume Information\_restore{73FA0109-2634-4D6E-9D48-C39ACE737CA1}\RP5\A0016092.exe -> Downloader.VB.vr : Cleaned with backup
:mozilla.21:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.37:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.38:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.41:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.69:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Weborama : Cleaned with backup
:mozilla.76:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.82:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.90:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.120:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.122:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.184:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.186:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.187:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.188:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.189:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.192:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.203:C:\FOUND.038\FILE0000.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
::End of report
-
Rapport d'analyse de mon amie
Liloute a répondu à un(e) sujet de Liloute dans Analyses et éradication malwares
Good evening again!! So here is the HijackThis log in safe mode:

Logfile of HijackThis v1.99.1
Scan saved at 01:10:01, on 07/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\explorer.exe
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
O23 - Service: WinCon (wincon net driver) (WinCon) - Unknown owner - C:\WINDOWS\system32\wincon.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing)

The Ewido one is on its way, but in normal mode though.... the young lady didn't manage to launch it in safe mode.....
-
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares
Here is the report from the online scan:

Incident | Status | Location
Virus:W32/Sdbot.ftp | Disinfected | C:\WINDOWS\system32\i
Adware:adware/atlas | Not disinfected | C:\WINDOWS\switps.dat
Unwanted tool:Application/Pskill.A | Not disinfected | C:\WINDOWS\pskill.exe
Adware:adware/cws.searchmeup | Not disinfected | C:\WINDOWS\uniq
Virus:Trj/Pali.B | Disinfected | C:\WINDOWS\winsysupd5.exe
Spyware:spyware/media-motor | Not disinfected | C:\WINDOWS\ubber60.ini
Adware:adware/dollarrevenue | Not disinfected | C:\WINDOWS\winsysupd51.dat
Spyware:Cookie/Xiti | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt[]
Spyware:Cookie/Humanclick | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Firefox\Profiles\m1dniwyi.default\cookies.txt[72914031]
Spyware:Cookie/Xiti | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\default\hu9pjgej.slt\cookies.txt[]
Spyware:Cookie/Xiti | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt[]
Spyware:Cookie/Humanclick | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Application Data\Mozilla\Profiles\Default User\wtu55xzg.slt\cookies.txt[72914031]
Spyware:Cookie/Com.com | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@image.checkmystats.com[2].txt
Spyware:Cookie/TopRebates.com | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@www.toprebates[1].txt
Spyware:Cookie/empnads | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@empnads[1].txt
Spyware:Cookie/Advnt | Not disinfected | C:\Sauve\Documents and Settings\DRAGON\Cookies\dragon@www.advnt01[1].txt
Unwanted tool:Application/MyWay | Not disinfected | C:\Sauve\Program Files\MySearch\bar\1.bin\S42NS.EXE
Possible virus | Not disinfected | C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IBIZ2T45\pz[1].exe
Spyware:Cookie/Media-motor | Not disinfected | C:\Documents and Settings\LocalService\Cookies\system@mmm.media-motor[1].txt
Adware:adware/securityerror | Not disinfected | C:\Documents and Settings\Utilisateur\Favoris\Antivirus Test Online.url
Unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\Utilisateur\Bureau\SmitfraudFix.zip[Process.exe]
Unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\Utilisateur\Bureau\SmitfraudFix\Process.exe
Spyware:Cookie/Weborama | Not disinfected | C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[2].txt
Spyware:Cookie/Advnt | Not disinfected | C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.advnt01[1].txt
Spyware:Cookie/Belnk | Not disinfected | C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies.txt[]
Spyware:Cookie/Xiti | Not disinfected | C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-1.txt[]
Spyware:Cookie/Xiti | Not disinfected | C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-2.txt[]
Spyware:Cookie/Maxserving | Not disinfected | C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\l6ptnviv.default\cookies-7.txt[]
Possible virus | Not disinfected | C:\alc.exe
Spyware:Cookie/Xiti | Not disinfected | C:\FOUND.028\FILE0002.CHK[]
Spyware:Cookie/Weborama | Not disinfected | C:\FOUND.038\FILE0000.CHK[]

And the one done with HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 22:43:29, on 06/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\alc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: awvtt - awvtt.dll (file missing)
O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing)
O20 - Winlogon Notify: mlljh - mlljh.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing)
O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing)
O23 - Service: WinCon (wincon net driver) (WinCon) - Unknown owner - C:\WINDOWS\system32\wincon.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing)
O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing)
-
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares
Well now!!!!! After re-enabling Spybot, she gets a "No infected files were found." with VundoFix.... I'm posting the HijackThis log in safe mode:

Logfile of HijackThis v1.99.1
Scan saved at 17:53:41, on 06/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: awvtt - awvtt.dll (file missing)
O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing)
O20 - Winlogon Notify: mlljh - mlljh.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing)
O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing)
O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing)

Sorry for the rapid-fire posts, but I'm keeping you updated minute by minute, making use of everyone's advice; I hope I won't get my knuckles rapped. So, given these 2 logs, what do we do?
-
My friend's scan report
Liloute replied to a topic by Liloute in Analyses et éradication malwares
I just had her try Charles Ingals' method, namely disabling Spybot. Here are the logs.

With VundoFix:

VundoFix V4.2.22
Scan started at 17:30:02 06/02/2006
Listing files found while scanning....
No infected files were found.

And HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 17:33:31, on 06/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\wincon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\alc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: CD-MENU.LNK = ?
O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: awvtt - awvtt.dll (file missing)
O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing)
O20 - Winlogon Notify: mlljh - mlljh.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing)
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing)
O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing)
O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing)
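Editor's note: the four HijackThis logs in this thread repeat the same handful of suspicious entry types, and picking them out by eye across 60-odd lines per log is error-prone. The script below is an example added here by the editor; it was not posted in the thread and is not part of HijackThis. It parses the O4 (Run key), O20 (AppInit_DLLs, Winlogon Notify) and O23 (service) record formats as they appear in these logs and applies four heuristics: an autostart whose executable sits directly in the drive root (C:\alc.exe, which the Panda scan also called a possible virus), the same DLL listed more than once in AppInit_DLLs (sockspy.dll appears 14 times above), Winlogon Notify packages whose DLL is missing, and services with no vendor and a missing binary, plus a spoof check for display names that imitate real Windows services but point at the wrong binary. The sample log is constructed from lines copied out of the posts above; the rule names and the assumption that the XP "RPC Locator" and "Print Spooler" services are backed by locator.exe and spoolsv.exe are the editor's, not something the page states.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the HijackThis logs posted in this thread,
# with two benign entries kept to show what the rules leave alone.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: awvtt - awvtt.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing)
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing)
O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing)
"""

# Record formats as HijackThis 1.99 prints them.
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<label>[^\]]*)\] (?P<cmd>.+)$")
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.+)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (?P<key>\S+) - (?P<dll>.+?)(?P<missing> \(file missing\))?$")
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<short>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)

# Display-name fragments of real Windows XP services and the binaries that back
# them (assumption: XP-era defaults; extend the table for other Windows versions).
WINDOWS_SERVICE_BINARIES = {
    "Remote Procedure Call (RPC) Locator": {"locator.exe"},
    "Print Spool": {"spoolsv.exe"},
}


def _executable(cmd: str) -> str:
    """Return the program path from a Run-key command line, dropping its arguments."""
    if cmd.startswith('"'):
        return cmd[1:cmd.find('"', 1)]
    return cmd.split(" ", 1)[0]


def _basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def triage(log_text: str) -> list:
    """Run the heuristics over a HijackThis log; one finding dict per hit."""
    findings = []
    for line in log_text.strip().splitlines():
        m = O4_RE.match(line)
        if m:
            exe = _executable(m["cmd"])
            # Legitimate software installs under Program Files or Windows; an
            # autostart pointing at an .exe in the drive root is worth a look.
            if re.fullmatch(r"[A-Za-z]:\\[^\\]+", exe):
                findings.append({"rule": "run-key-in-drive-root", "item": exe, "line": line})
            continue

        m = APPINIT_RE.match(line)
        if m:
            # AppInit_DLLs is loaded into every user-mode process that links
            # user32; the same name appended again and again means something
            # keeps re-writing the value on each run.
            for dll, n in Counter(m["dlls"].split()).items():
                if n > 1:
                    findings.append({"rule": "appinit-dll-repeated", "item": f"{dll} x{n}", "line": line})
            continue

        m = NOTIFY_RE.match(line)
        if m:
            # A Winlogon Notify package whose DLL no longer exists is a dead
            # registration left behind by something only partly removed.
            if m["missing"]:
                findings.append({"rule": "winlogon-notify-missing", "item": m["dll"], "line": line})
            continue

        m = O23_RE.match(line)
        if m:
            binary = _basename(m["path"])
            # No vendor string and no binary on disk: an orphaned service entry.
            if m["owner"] == "Unknown owner" and m["missing"]:
                findings.append({"rule": "orphaned-service", "item": m["path"], "line": line})
            # Display name borrowed from a real Windows service, wrong binary.
            for fragment, allowed in WINDOWS_SERVICE_BINARIES.items():
                if fragment in m["display"] and binary not in allowed:
                    findings.append({"rule": "windows-name-spoof", "item": f"{m['display']} -> {binary}", "line": line})
    return findings


def summarize(findings: list) -> dict:
    """Count findings per rule, handy for a first look at a long log."""
    return dict(Counter(f["rule"] for f in findings))


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f['rule']}] {f['item']}")
    print(summarize(triage(SAMPLE_LOG)))
```

Run against any of the full logs above (paste one into SAMPLE_LOG or read it from a file), the script flags every "Unknown owner ... (file missing)" service, the two services whose names borrow from RPC Locator and the Print Spooler, the 14-fold sockspy.dll AppInit entry, the missing Winlogon Notify DLLs and the C:\alc.exe autostart, while leaving AVG, ewido, iPod and the rest alone. Entries marked "(file missing)" are registry leftovers rather than live code, so they cannot run, but the fact that they are still registered says the cleanup that removed the files never touched the registry; the hits an analyst should look at first are the ones whose file is still present, such as C:\alc.exe and, in the 17:33 log, the running C:\WINDOWS\system32\wincon.exe.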