

karlomat
All content posted by karlomat
How do I get rid of a trojan?
karlomat replied to karlomat's topic in Analyses et éradication malwares
OK, I followed the whole procedure and here are the requested reports:

Logfile of HijackThis v1.99.1
Scan saved at 19:35:24, on 26/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Documents and Settings\Karine & Loïc\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\RunServices: [Remote Procedure Calls] mswinrpc.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C2BC549-77F6-466C-9F38-C8450A6CF4D1}: NameServer = 212.27.32.176,212.27.32.177
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 18:04:55 26/08/2006
+ Scan result:
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
::Report end

Script clean par Malekal_morte - http://www.malekal.com
Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec
*** Suppression de fichiers sur C:
*** Suppression des fichiers dans C:\WINDOWS\
C:\WINDOWS\IsUninst.exe FOUND
*** Suppression des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\o FOUND
C:\WINDOWS\system32\oo FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
*** Suppression des clefs du registre effectuee..

How do I get rid of a trojan?
karlomat replied to karlomat's topic in Analyses et éradication malwares
Yes, of course, but it doesn't work!

How do I get rid of a trojan?
karlomat replied to karlomat's topic in Analyses et éradication malwares
I'm following malekal morte's explanation, but I'm stuck at the Kaspersky installation, which refuses to give me a key number because of a "non-commercial key whose validity period has expired"! What should I do to continue this cleanup?

How do I get rid of a trojan?
karlomat posted a topic in Analyses et éradication malwares
Hello,

For 3 weeks my Free ADSL internet connection has kept connecting and disconnecting (the phone is OK, though). In addition, my mailbox has been receiving spam for the past 3 days, for the first time in 2 years.

I am connected via Ethernet, and I use Mozilla and avast (which detected nothing, by the way).

Yesterday I ran a Kaspersky online scan, which reported the presence of the following virus:
C:\WINDOWS\system32\oo Infecté : Trojan-Downloader.BAT.Ftp.s

Thank you in advance for telling me what to do, step by step, to get rid of this "critter".

PS: please keep your answers accessible, because I don't know much about how a PC works: a novice, basically!

I made a HijackThis log for information:

Logfile of HijackThis v1.99.1
Scan saved at 09:18:37, on 26/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\calc.exe
C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE
C:\Documents and Settings\Karine & Loïc\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0C2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Remote Procedure Calls] mswinrpc.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svmhost.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Microsoft Diagnostic] msdiag32.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [Remote Procedure Calls] mswinrpc.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lssrv.exe
O4 - HKLM\..\RunServices: [Microsoft Diagnostic] msdiag32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Remote Procedure Calls] mswinrpc.exe
O4 - HKCU\..\Run: [Microsoft Windows W32 Services] mssw32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\RunServices: [Remote Procedure Calls] mswinrpc.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8C2BC549-77F6-466C-9F38-C8450A6CF4D1}: NameServer = 212.27.32.176,212.27.32.177 O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! 
Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe