Teuh-Moo

  1. By the way, thank you very much for your help, everything is back to normal!!!
  2. Logfile of HijackThis v1.99.1 Scan saved at 11:29:14, on 31/08/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  3. Hi Malekal, I did delete the 4 lines; however, when I launch the Kaspersky online scan with Internet Explorer, as soon as I click to run the scan a window opens and closes immediately... and for Panda a window opens and nothing happens... Also, I don't know if it's related, but Windows Media Player opens and closes right away too... Honestly, thank you for the time you've spent with me!!!
  5. Hello, and thanks again for your help; everything seems to be going very well now. However, the Kaspersky report is gigantic, 19 MB (1300+ infections!!!), and I can't manage to paste it. Do I need to split it up? It is really huge. I hope I did it the right way. Here are the reports:
     ewido anti-spyware - Scan Report
     + Created at: 09:06:52 27/08/2006
     Script clean par Malekal_morte - http://www.malekal.com
     Microsoft Windows XP [version 5.1.2600]
     Script execute en mode sans echec
     *** Suppression de fichiers sur C:
     *** Suppression des fichiers dans C:\WINDOWS\
     *** Suppression des fichiers dans C:\WINDOWS\system32
     *** Suppression des clefs du registre effectuee..
     Logfile of HijackThis v1.99.1 Scan saved at 11:11:05, on 28/08/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  6. Thanks for your help, so here are the reports:
     Qoofix v1.03 by http://www.malwarebytes.org
     Scan started on [26/08/2006] at [23:36:03]
     -------------------------------------------------------------
     No malicious modules found!
     -------------------------------------------------------------
     No Qoologic infected files found!
     -------------------------------------------------------------
     Scan COMPLETED SUCCESSFULLY on [26/08/2006] at [23:38:04]
     Note: Some registry keys may have been removed.
     Logfile of HijackThis v1.99.1
     Scan saved at 23:43:02, on 26/08/2006
     Platform: Windows XP SP1 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\system32\crypserv.exe
     C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
     C:\WINDOWS\System32\nvsvc32.exe
     C:\WINDOWS\System32\javanet.exe
     C:\WINDOWS\Explorer.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\spooIsv.exe
     C:\dihd.exe
     C:\dfndrff_13.exe
     C:\kybrdff_13.exe
     C:\WINDOWS\System32\pavsvc.exe
     C:\WINDOWS\System32\lssas.exe
     C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
     C:\WINDOWS\System32\ctfmon.exe
     C:\Program Files\Internet Explorer\IEXPLORE.EXE
     C:\Program Files\mozilla.org\Mozilla\mozilla.exe
     C:\Documents and Settings\mOOte\aws32.exe
     C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
     C:\Documents and Settings\mOOte\Bureau\HijackThis.exe
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
     F2 - REG:system.ini: Shell=Explorer.exe javanet.exe
     F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,javanet.exe
     O4 - HKLM\..\Run: [spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
     O4 - HKLM\..\Run: [DHCP Hotfix] C:\dihd.exe
     O4 - HKLM\..\Run: [defender] C:\\dfndrff_13.exe
     O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_13.exe
     O4 - HKLM\..\Run: [pavsvc] C:\WINDOWS\System32\pavsvc.exe
     O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [RBot v2 with NetAPI exploit traded with billgates I gave my mother Greetz - OG - Bluehell Irc Server] C:\WINDOWS\System32\glossary.exe
     O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
     O4 - HKLM\..\RunServices: [MS Java for Windows XP & NT] javanet.exe
     O4 - HKLM\..\RunServices: [MS Java Service Wrapper for Windows NT & XP] wrapper.exe
     O4 - HKLM\..\RunServices: [sun Java Console for Windows NT & XP] jconsole.exe
     O4 - HKLM\..\RunServices: [Windows Kernel System Service] wkssvr.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
     O4 - HKCU\..\RunServices: [MS Java for Windows XP & NT] javanet.exe
     O4 - HKCU\..\RunServices: [MS Java Service Wrapper for Windows NT & XP] wrapper.exe
     O4 - HKCU\..\RunServices: [sun Java Console for Windows NT & XP] jconsole.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\MICROS~1\OFFICE11\REFIEBAR.DLL
     O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
     O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
     O23 - Service: Windows Network Security Management Service (nsms) - Unknown owner - C:\WINDOWS\system32\D0.tmp (file missing)
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
     O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
     O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
     O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
     O23 - Service: Windows Genuine Advantage Registration Service (wgareg) - Unknown owner - C:\WINDOWS\System32\wgareg.exe
  7. Hello everyone! I have been fighting with my computer for quite a while now... Could you help me, please? Several problems:
     - "serwab" windows keep popping up. I tried "CCleaner" and then "ewido", but ewido refuses to install: the window closes right at the start of the installation. (Same symptoms when I launch my antivirus, or when I search for the word spyware or virus in Mozilla...)
     - A search bar has installed itself on the desktop.
     - From time to time I get a "confirm file replace" window telling me that a file "aw1.exe" wants to be replaced by another one...
     Anyway, a whole bunch of strange things... Thanks in advance for looking at this problem. Here is my log:
     Logfile of HijackThis v1.99.1
     Scan saved at 20:12:38, on 26/08/2006
     Platform: Windows XP SP1 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\wkssvr.exe
     C:\WINDOWS\Explorer.exe
     C:\Documents and Settings\mOOte\Bureau\HijackThis.exe
     F2 - REG:system.ini: Shell=Explorer.exe wkssvr.exe
     F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,wkssvr.exe
     O4 - HKLM\..\Run: [spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
     O4 - HKLM\..\Run: [DHCP Hotfix] C:\dihd.exe
     O4 - HKLM\..\Run: [defender] C:\\dfndrff_13.exe
     O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_13.exe
     O4 - HKLM\..\Run: [pavsvc] C:\WINDOWS\System32\pavsvc.exe
     O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
     O4 - HKLM\..\RunServices: [MS Java for Windows XP & NT] javanet.exe
     O4 - HKLM\..\RunServices: [MS Java Service Wrapper for Windows NT & XP] wrapper.exe
     O4 - HKLM\..\RunServices: [Windows Kernel System Service] wkssvr.exe
     O4 - HKLM\..\RunServices: [sun Java Console for Windows NT & XP] jconsole.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
     O4 - HKCU\..\RunServices: [MS Java for Windows XP & NT] javanet.exe
     O4 - HKCU\..\RunServices: [MS Java Service Wrapper for Windows NT & XP] wrapper.exe
     O4 - HKCU\..\RunServices: [sun Java Console for Windows NT & XP] jconsole.exe
     O4 - HKCU\..\RunServices: [Windows Kernel System Service] wkssvr.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\MICROS~1\OFFICE11\REFIEBAR.DLL
     O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
     O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
     O23 - Service: Windows Network Security Management Service (nsms) - Unknown owner - C:\WINDOWS\system32\D0.tmp (file missing)
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
     O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
     O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
     O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
     O23 - Service: Windows Genuine Advantage Registration Service (wgareg) - Unknown owner - C:\WINDOWS\System32\wgareg.exe