natsroshan

ok, merci. je suis tes conseils dès aujourd'hui et encore une fois merci boss.

salut, je n'ai plus le probleme firefox! plus rien, il se ferme normalement. merci beaucoup. je pense qu'en plus tu m'as aidé à nettoyer mon pc qui avait plusieurs problèmes en + de celui-ci. je m'occupe du scannow maintenant. encore une fois merci

salut, j'ai refais un scan trendmicro anti-spyware dont voici les fichiers trouvés et supprimés! SCAN DETAILS - Cookie_Atdmt : Internet Explorer Cache\atdmt.com - Cookie_BlueStreak : Internet Explorer Cache\bluestreak.com - Cookie_DoubleClick : Internet Explorer Cache\doubleclick.net - Cookie_ServingSys : Internet Explorer Cache\serving-sys.com par contre, toujours les mêmes soucis que précédemment pour bitdefender et trendmicro housecall. pourtant il n'y a aucune raison valable. a plus tard.

bonjour, voici le scan f-secure : Scanning Report Sunday, October 15, 2006 03:21:17 - 11:52:45 Computer name: ############## Scanning type: Scan system for viruses, rootkits, spyware Target: C:\ D:\ E:\ K:\ Result: 3 malware found Tracking Cookie (spyware) * System (Disinfected) * System (Submitted) Zlob.ILC (virus) * D:\A CONSERVER\GIFMOVIEGEAR4.EXE (Submitted) Statistics Scanned: * Files: 28359 * System: 4839 * Not scanned: 11 Actions: * Disinfected: 1 * Renamed: 0 * Deleted: 0 * None: 2 * Submitted: 2 Files not scanned: * C:\PAGEFILE.SYS * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT * C:\WINDOWS\$NTUNINSTALLQ315000$\NETSETUP.EXE * C:\WINDOWS\$NTUNINSTALLQ315000$\SPUNINST\SPUNINST.EXE * C:\WINDOWS\$NTUNINSTALLQ308678$\MSOBMAIN.DLL * C:\WINDOWS\$NTUNINSTALLQ308678$\SPUNINST\SPUNINST.EXE * C:\WINDOWS\$NTUNINSTALLQ308677$\USERENV.DLL * C:\WINDOWS\$NTUNINSTALLQ308677$\SPUNINST\SPUNINST.EXE * C:\WINDOWS\$NTUNINSTALLQ308402$\SPCMDCON.SYS * C:\WINDOWS\$NTUNINSTALLQ308402$\SPUNINST\SPUNINST.EXE * C:\WINDOWS\$NTUNINSTALLQ308387$\SPUNINST\SPUNINST.EXE à plus.

re, j'ai encore un probleme: quand j'accepte les règles d'utilisation de bitdefender'j'ai ce message d'erreur: "Failed to load interface -- You must have administrative rights on this computer; you also must have the Internet Explorer security settings to the Medium level" j'ai pourtant desactivé tout firewall mais rien à faire même après redemarrage du sysrtème. je fais koi boss?

salut regis56 voici le scan trendmicro/spyware-scan(fichier supprimé): TSPY_Bifrose (1 item) CLE REGISTRE: HKU\S-1-5-21-1957994488-197992683-725345543-1011\Software\Wget\ c'est tout. par contre toujours le même probleme avec housecall : la fenêtre iexplorer se ferme environ 10 minutes après le début de l'analyse, sans raisons apparentes. je l'ai recommencé 5 fois en utilisant différents noyaux. et avec firefox le scan ne démarre pas du tout. a plus tard.

c'est fait! voici le scan panda: Incident Statut Analyse Adware:adware/powerstrip No Désinfecté Registre Windows Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.xiti.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.com.com/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.advertising.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.weborama.fr/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[as1.falkag.de/] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.adtech.de/] Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[statse.webtrendslive.com/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/Azjmp No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.azjmp.com/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@atdmt[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@doubleclick[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@weborama[1].txt a plus tard.

voici le rapport panda : Incident Statut Analyse Adware:adware/windowenhancer No Désinfecté c:\windows\system32\SBUtils Adware:adware/cydoor No Désinfecté c:\windows\cdmxtras Adware:adware/downloadware No Désinfecté Registre Windows Adware:adware/powerstrip No Désinfecté Registre Windows Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Azjmp No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.azjmp.com/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.adopt.hbmediapro.com/] Dialer:Dialer.B No Désinfecté C:\Documents and Settings\AMINATA\Bureau\registre\backups\backup-20060914-005535-292.inf Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@atdmt[2].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@serving-sys[1].txt a plus tard.

salut regis56 voici les differents rapports. je mets le scan panda en route tout de suite. BFU Windows XP SP1 (WinNT 5.01.2600 SP1) Script started at 09:07:51, on 09/10/2006 Option Delete files to Recycle Bin: Yes Failed: DllUnregister C:\WINDOWS\System32\MSWBM32.DLL|1 (file not found) Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found) Failed: FolderDelete C:\Program Files\dialpass (folder not found) Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found) Failed: FolderDelete C:\Program Files\egroup (folder not found) Failed: FolderDelete C:\Program Files\Instant Access (folder not found) Failed: FolderDelete C:\Program Files\MailSkinner (folder not found) Failed: FolderDelete C:\Program Files\InternetGameBox (folder not found) Failed: FolderDelete C:\Program Files\GoRecord2 (folder not found) Failed: FolderDelete C:\Program Files\GoAstro (folder not found) Failed: FolderDelete C:\Program Files\SudoPlanet (folder not found) Failed: FolderDelete C:\Program Files\WebMediaPlayer (folder not found) Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found) Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found) Failed: FolderDelete C:\WINDOWS\mslagent (folder not found) Failed: FolderDelete C:\WINDOWS\navmpc (folder not found) Failed: FolderDelete C:\WINDOWS\msskinner (folder not found) Failed: FolderDelete C:\WINDOWS\wintrim (folder not found) Failed: FolderDelete C:\WINDOWS\wincomp (folder not found) Failed: FolderDelete C:\WINDOWS\winmgts (folder not found) Failed: FolderDelete C:\WINDOWS\simcss (folder not found) Failed: FolderDelete C:\WINDOWS\mc (folder not found) Failed: FileDelete C:\DOCUME~1\AMINATA\LOCALS~1\Temp\~DF57BF.tmp (operation failed) Script completed. --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 19:31:57 09/10/2006 + Résultat de l'analyse: :mozilla.34:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.42:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\AMINATA\Cookies\aminata@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.64:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.65:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.66:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.67:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.70:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.49:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\AMINATA\Cookies\aminata@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.53:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.98:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\AMINATA\Cookies\aminata@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.124:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.106:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.107:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.108:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.109:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.110:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.111:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.155:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.156:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.157:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.158:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.142:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.144:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.145:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.73:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé. :mozilla.74:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé. :mozilla.75:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé. :mozilla.76:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé. :mozilla.146:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.147:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.148:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.149:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.150:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.62:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé. :mozilla.24:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.26:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.27:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.143:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.50:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.51:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.52:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\AMINATA\Cookies\aminata@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.56:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.57:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.58:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.59:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.63:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 19:42:52, on 09/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\HijackThis\natsroshan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: Microsoft Office.lnk.disabled O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{21C1B762-BC06-4259-BDE5-D4F1C58635CB}: NameServer = 212.27.54.252,212.27.53.252 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe a plus tard.

salut regis56, alors suite au dernier post j'ai passé spysweeper dont tu trouveras le rapport juste aprés. par contre 2 problemes : - spyware-scan = j'ai supprimé les fichiers trouvés mais j'ai oublié de faire copier/coller!! - housecall = programme démarré 3 fois. 1ère fois : tous se bloque au bout de 15 minutes pendant environ 1h (moment où je stoppe tout_lancé avant spyware-scan) 2ème et 3ème fois : (lancé après spyware-scan) iexplore se ferme d'un coup au bout de 5/10 min!! comme si je l'avais fermé moi-même normalement _ sans avertissement,rien du tout. je commence vraiment à m'inquiéter...(un peu tard,non?) merci d'avance. spysweeper 23:58: Removal process completed. Elapsed time 00:00:06 23:58: 11-{343642a0-b36e-2fcb-2b77-3dba04682cc2}-v1-{e974ad55-1048-4195-8d8c-36140d672e22}-v11-downloaded.frx is in use. It will be removed on reboot. 23:58: potentially rootkit-masked files is in use. It will be removed on reboot. 23:58: Quarantining All Traces: potentially rootkit-masked files 23:58: Quarantining All Traces: instant access 23:58: Removal process initiated 22:21: Traces Found: 2 22:21: Full Sweep has completed. Elapsed time 00:51:12 22:21: File Sweep Complete, Elapsed Time: 00:48:25 22:20: 11-{343642a0-b36e-2fcb-2b77-3dba04682cc2}-v1-{e974ad55-1048-4195-8d8c-36140d672e22}-v11-downloaded.frx (ID = 0) 22:20: Found System Monitor: potentially rootkit-masked files 22:20: Warning: Failed to access drive R: 22:20: Warning: Failed to access drive Q: 22:19: Warning: Failed to access drive J: 22:19: Warning: Failed to access drive I: 22:19: Warning: Failed to access drive F: 22:13: a0291745.inf (ID = 63678) 22:13: Found Adware: instant access 21:33: Starting File Sweep 21:33: Warning: Failed to access drive A: 21:32: Cookie Sweep Complete, Elapsed Time: 00:00:00 21:32: Starting Cookie Sweep 21:32: Registry Sweep Complete, Elapsed Time:00:00:34 21:32: Starting Registry Sweep 21:32: Memory Sweep Complete, Elapsed Time: 00:01:43 21:30: Warning: Le client ne dispose pas d'un privilège nécessaire 21:30: Starting Memory Sweep 21:30: Warning: Le client ne dispose pas d'un privilège nécessaire 21:30: Sweep initiated using definitions version 691 21:30: Spy Sweeper 5.0.5.1286 started 21:30: | Start of Session, dimanche 8 octobre 2006 | ******** 21:30: | End of Session, dimanche 8 octobre 2006 | 21:29: Program Version 5.0.5.1286 Using Spyware Definitions 691 21:22: Warning: Profile shadow "C:\WINDOWS\Temp\SST6F.tmp" exists for "S-1-5-21-1957994488-1979792683-725345543-1011" 21:22: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST6F.tmp". Reason: Le fichier spécifié est introuvable Keylogger Shield: On BHO Shield: On IE Security Shield: On Alternate Data Stream (ADS) Execution Shield: On Startup Shield: On Common Ad Sites Shield: Off Hosts File Shield: On Spy Communication Shield: On ActiveX Shield: On Windows Messenger Service Shield: On IE Favorites Shield: On Spy Installation Shield: On Memory Shield: On IE Hijack Shield: On IE Tracking Cookies Shield: Off 21:21: Shield States 21:21: Spyware Definitions: 691 21:21: Spy Sweeper 5.0.5.1286 started 21:21: Spy Sweeper 5.0.5.1286 started 21:21: | Start of Session, dimanche 8 octobre 2006 | ********

Spysweeper 00:17: Program Version 5.0.5.1286 Using Spyware Definitions 691 23:25: | End of Session, vendredi 6 octobre 2006 | 23:23: Program Version 5.0.5.1286 Using Spyware Definitions 691 Keylogger Shield: On BHO Shield: On IE Security Shield: On Alternate Data Stream (ADS) Execution Shield: On Startup Shield: On Common Ad Sites Shield: Off Hosts File Shield: On Spy Communication Shield: On ActiveX Shield: On Windows Messenger Service Shield: On IE Favorites Shield: On Spy Installation Shield: On Memory Shield: On IE Hijack Shield: On IE Tracking Cookies Shield: Off 23:18: Shield States 23:18: Spyware Definitions: 691 23:18: Spy Sweeper 5.0.5.1286 started 23:18: Spy Sweeper 5.0.5.1286 started 23:18: | Start of Session, vendredi 6 octobre 2006 | ******** 00:13: Removal process completed. Elapsed time 00:01:14 00:13: Preparing to restart your computer. Please wait... 00:13: 11-{343642a0-b36e-2fcb-2b77-3dba04682cc2}-v1-{e974ad55-1048-4195-8d8c-36140d672e22}-v11-downloaded.frx is in use. It will be removed on reboot. 00:13: potentially rootkit-masked files is in use. It will be removed on reboot. 00:13: Quarantining All Traces: potentially rootkit-masked files 00:13: Quarantining All Traces: gain - common components 00:13: Quarantining All Traces: cydoor peer-to-peer dependency 00:12: Quarantining All Traces: winantivirus pro 00:12: Quarantining All Traces: altnet 00:12: Quarantining All Traces: networkessentials 00:12: Quarantining All Traces: xiti cookie 00:12: Quarantining All Traces: bluestreak cookie 00:12: Quarantining All Traces: atlas dmt cookie 00:12: Quarantining All Traces: falkag cookie 00:12: Quarantining All Traces: purhardcore dialer 00:12: Quarantining All Traces: edipol alloticket dialer 00:12: Quarantining All Traces: great net downloadware 00:12: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST16C.tmp". Reason: Le fichier spécifié est introuvable 00:12: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable 00:12: Quarantining All Traces: globalcs dialer 00:12: Quarantining All Traces: system spy 00:12: Quarantining All Traces: whenu 00:12: Quarantining All Traces: instant access 00:12: Quarantining All Traces: delfin 00:12: Removal process initiated 00:11: Traces Found: 33 00:11: Full Sweep has completed. Elapsed time 00:46:51 00:11: File Sweep Complete, Elapsed Time: 00:44:48 00:10: 11-{343642a0-b36e-2fcb-2b77-3dba04682cc2}-v1-{e974ad55-1048-4195-8d8c-36140d672e22}-v11-downloaded.frx (ID = 0) 00:10: Found System Monitor: potentially rootkit-masked files 00:10: Warning: Failed to access drive R: 00:10: Warning: Failed to access drive Q: 00:09: Warning: Failed to access drive J: 00:09: Warning: Failed to access drive I: 00:09: Warning: Failed to access drive F: 00:04: backup-20060914-005533-694.inf (ID = 63678) 00:03: cmediagnostics.log (ID = 61291) 00:03: mepcme.dat (ID = 61517) 00:03: gator.log (ID = 61386) 00:03: gatorsupportinfo.txt (ID = 61414) 00:03: Found Adware: gain - common components 23:55: a0260800.manifest (ID = 49859) 23:55: a0260166.manifest (ID = 49859) 23:55: a0260036.manifest (ID = 49859) 23:53: a0261114.dll (ID = 291187) 23:53: a0261113.sys (ID = 291186) 23:51: a0260110.manifest (ID = 49859) 23:51: a0261131.sys (ID = 291186) 23:48: tmlpcert2005 (ID = 63918) 23:39: cd_clint.dll (ID = 57300) 23:39: Found Adware: cydoor peer-to-peer dependency 23:39: a0261124.exe (ID = 269561) 23:39: Found Adware: winantivirus pro 23:33: a0260907.manifest (ID = 49859) 23:33: a0260142.dll (ID = 49784) 23:31: a0260933.dll (ID = 49784) 23:31: Found Adware: altnet 23:28: support software (ID = 2147486764) 23:28: Found Adware: networkessentials 23:27: Starting File Sweep 23:26: Warning: Failed to access drive A: 23:26: Cookie Sweep Complete, Elapsed Time: 00:00:00 23:26: aminata@xiti[1].txt (ID = 3717) 23:26: Found Spy Cookie: xiti cookie 23:26: aminata@bluestreak[2].txt (ID = 2314) 23:26: Found Spy Cookie: bluestreak cookie 23:26: aminata@atdmt[2].txt (ID = 2253) 23:26: Found Spy Cookie: atlas dmt cookie 23:26: aminata@as1.falkag[2].txt (ID = 2650) 23:26: Found Spy Cookie: falkag cookie 23:26: Starting Cookie Sweep 23:26: Registry Sweep Complete, Elapsed Time:00:00:37 23:26: HKU\S-1-5-21-1957994488-1979792683-725345543-1006\software\kgcs\ (ID = 657208) 23:26: Found Adware: purhardcore dialer 23:26: HKU\S-1-5-21-1957994488-1979792683-725345543-1006\software\microsoft\windows\currentversion\wintrust\trust providers\software publishing\trust database\0\ || goicfboogidikkejccmclpieicihhlpo bgdjdn (ID = 128845) 23:26: HKU\S-1-5-21-1957994488-1979792683-725345543-1006\software\visio ras script\ (ID = 125646) 23:26: Found Adware: edipol alloticket dialer 23:26: HKU\S-1-5-21-1957994488-1979792683-725345543-1006\software\medialoads\ (ID = 125355) 23:26: Found Adware: great net downloadware 23:26: HKU\WRSS_Profile_S-1-5-21-1957994488-1979792683-725345543-1010\software\globalcs\ (ID = 126850) 23:26: Found Adware: globalcs dialer 23:26: HKCR\.ssa\ (ID = 143523) 23:26: Found System Monitor: system spy 23:26: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/sndbmark.dll\ (ID = 140439) 23:26: Found Adware: whenu 23:26: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/p2ecom.dll\ (ID = 128807) 23:26: Found Adware: instant access 23:26: HKLM\software\microsoft\windows\currentversion\app management\arpcache\delfin media viewer\ (ID = 124859) 23:26: Found Adware: delfin 23:26: Starting Registry Sweep 23:26: Memory Sweep Complete, Elapsed Time: 00:00:57 23:25: Warning: Le client ne dispose pas d'un privilège nécessaire 23:25: Starting Memory Sweep 23:25: Sweep initiated using definitions version 691 23:25: Spy Sweeper 5.0.5.1286 started 23:25: | Start of Session, vendredi 6 octobre 2006 | ******** Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 00:23:34, on 07/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Program Files\HijackThis\natsroshan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: Microsoft Office.lnk.disabled O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{21C1B762-BC06-4259-BDE5-D4F1C58635CB}: NameServer = 212.27.54.252,212.27.53.252 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

salut j'ai les rapports spysweeper et hikackthis par contre gros probleme avec panda: l'analyse se bloque au bout de 10 minutes dans le dossier kaspersky. j'ai recommencé l'analyse 3 fois mais à chaque fois il ralentit arrivé à ce dossier, analyse 1 fichier en 10/15min!!! je l'ai laissé tourner toute la nuit de samedi mais au bout de 8 hrs il est toujours dans le même dossier . ce n'est pas normal car avant l'utilisation de spysweeper (suppression de fichiers) , le scan panda s'était très bien déroulé. est ce que c 'est lié? et du coup mon probleme avec firefox pourrait-il venir de kaspersky? je fais des conjectures mais c'est quand même bizarre. je vous laisse quand même les rapports édités dans le message qui suit. merci d'avance.

ok. je fais ça tout de suite. à plus tard..

salut ci joint le rapport panda: Incident Statut Analyse Adware:adware/cydoor No Désinfecté C:\WINDOWS\System32\CD_CLINT.DLL Dialer:dialer.b No Désinfecté c:\windows\system32\mseggrpid.dll Adware:adware/windowenhancer No Désinfecté c:\windows\system32\SBUtils Outil indésirable:application/myway No Désinfecté c:\program files\MyWay Adware:adware/gator No Désinfecté c:\program files\fichiers communs\CMEII Adware:adware/downloadware No Désinfecté Registre Windows Spyware:spyware/clipgenie No Désinfecté Registre Windows Outil indésirable:application/funweb No Désinfecté hkey_local_machine\software\FunWebProducts Outil indésirable:application/mywebsearch No Désinfecté hkey_local_machine\software\MyWebSearch Outil indésirable:application/need2find No Désinfecté hkey_local_machine\software\Need2Find Adware:adware/powerstrip No Désinfecté Registre Windows Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.xiti.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.tribalfusion.com/] Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.zedo.com/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.advertising.com/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.advertising.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.overture.com/] Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.2o7.net/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[as1.falkag.de/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.atdmt.com/] Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[statse.webtrendslive.com/] Spyware:Cookie/Apmebf No Désinfecté C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt[.apmebf.com/] Outil indésirable:Application/FunWeb No Désinfecté C:\Documents and Settings\AMINATA\Bureau\registre\backups\backup-20060723-005030-540.inf Dialer:Dialer.B No Désinfecté C:\Documents and Settings\AMINATA\Bureau\registre\backups\backup-20060914-005535-292.inf Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\AMINATA\Cookies\aminata@atdmt[2].txt Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\24 Access All Areas.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\3D.HTM Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Alcohol 120 1.4.7.1005 Keygen.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Alcohol 120 1.4.7.1005 Keygen.zip[Alcohol 120 1.4.7.1005 Keygen.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Alcohol1.4.8.1222 + crack.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Alias - Saison 2 - french sub - fov dvd-rip.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Alias - Saison 2 - french sub - fov dvd-rip.zip[Alias - Saison 2 - french sub - fov dvd-rip.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\class-loader-howto.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\clonyxxlv2002beta_b.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\clonyxxlv2002beta_b.zip[clonyxxlv2002beta_b.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\codec mp3 fhg_radium_mp3_1263.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\codec mp3 fhg_radium_mp3_1263.zip[codec mp3 fhg_radium_mp3_1263.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Comment Graver Un Fichier Image (Iso, Nrg, Cue, Bin, Ccd).htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Configuration_ReadMe.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Convert Trial Version to Full Working Version(works on Photoshop Flash Dreamweaver Norton Quark Unlead Lightwave & Games.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Convert Trial Version to Full Working Version(works on Photoshop Flash Dreamweaver Norton Quark Unlead Lightwave & Games.zip[Convert Trial Version to Full Working Version(works on Photoshop Flash Dreamweaver Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\DVDIMAGE.part001.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Fichier a ajouter.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Fichier a ajouter.zip[Fichier a ajouter.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\flaskmpeg-modemploi.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\games.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Ghost Of The Robot - Its Nothing (live).html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Ghost Of The Robot - Its Nothing (live).zip[Ghost Of The Robot - Its Nothing (live).exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\HELPFR.HTM Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\home.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\image.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\internet.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\jndi-resources-howto.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\menu Angel saison 2 Cd1 BIVX gastrule.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\music.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Appearance.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.General.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Internet.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Output.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Player.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Playlist.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\OptionsDialog.Strings.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Plug-insDialog.DSP.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Plug-insDialog.GeneralPurpose.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Plug-insDialog.Input.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Plug-insDialog.Visualization.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Power_DVD_v4.0_by_NKRHC.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Power_DVD_v4.0_by_NKRHC.zip[Power_DVD_v4.0_by_NKRHC.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\prince_of_persia-les_sables_du_temps-2d_francais.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\prince_of_persia-les_sables_du_temps-2d_francais.zip[prince_of_persia-les_sables_du_temps-2d_francais.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\RandomEntryPropertiesDialog.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\search.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\security-manager-howto.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\service.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\servlet23jsp12-docs.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\servlet23jsp12-docs.zip[servlet23jsp12-docs.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Shania Twain Discography.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-de.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-en.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-es.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-fr.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-it.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\SpeedTouch-HOWTO-nl.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\tarte tomate, basilic, mozzarella.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\tomates cerises à la feta et au basilic.htm Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\TrackPropertiesDialog.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Usual-suspects-(The-Usual-suspects)-fr-1cd.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\VirtualDub-1.5.10-src.html Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\VirtualDub-1.5.10-src.zip[VirtualDub-1.5.10-src.exe] Virus:W32/Torvil.B.worm Désinfecté C:\WINDOWS\.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Winace 2 20 Keygen.html ça fait peur!!!

il est super tard, suis claquée... lol... voici les trois rapports : --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 01:18:20 06/10/2006 + Résultat de l'analyse: C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261150.exe -> Adware.Altnet : Nettoyé. HKLM\SOFTWARE\DelFin -> Adware.Delfin : Nettoyé. HKLM\SOFTWARE\DelFin\PromulGate -> Adware.Delfin : Nettoyé. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DelFin Media Viewer -> Adware.Delfin : Nettoyé. HKU\S-1-5-21-1957994488-1979792683-725345543-1006\Software\DelFin -> Adware.Delfin : Nettoyé. HKU\S-1-5-21-1957994488-1979792683-725345543-1006\Software\DelFin\PromulGate -> Adware.Delfin : Nettoyé. :mozilla.100:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.101:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.102:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.103:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.104:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.105:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.106:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.98:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.99:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.127:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.133:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.131:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.80:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.59:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.112:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.92:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.93:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.94:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.95:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.96:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.97:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.48:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.87:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.88:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.89:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.90:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.91:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.77:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.78:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.79:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.29:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé. :mozilla.171:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.172:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.54:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé. :mozilla.55:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé. :mozilla.56:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.57:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.58:C:\Documents and Settings\AMINATA\Application Data\Mozilla\Firefox\Profiles\30yibwg8.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. Fin du rapport ____________________________________________________________________________________ rapport blacklight 10/06/06 01:26:49 [info]: BlackLight Engine 1.0.47 initialized 10/06/06 01:26:49 [info]: OS: 5.1 build 2600 (Service Pack 1) 10/06/06 01:26:50 [Note]: 7019 4 10/06/06 01:26:50 [Note]: 7005 0 10/06/06 01:27:19 [Note]: 7006 0 10/06/06 01:27:22 [Note]: 7011 1284 10/06/06 01:27:22 [Note]: 7026 0 10/06/06 01:27:23 [Note]: 7026 0 10/06/06 01:28:00 [Note]: FSRAW library version 1.7.1020 10/06/06 01:41:42 [Note]: 2000 1012 10/06/06 01:41:42 [Note]: 2000 1012 10/06/06 01:54:14 [Note]: 7007 0 _____________________________________________________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 02:09:32, on 06/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\natsroshan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: Microsoft Office.lnk.disabled O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{21C1B762-BC06-4259-BDE5-D4F1C58635CB}: NameServer = 212.27.54.252,212.27.53.252 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - (no CLSID) - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe en espérant que cest bon... merci d'avance.

ok merci. je m'y colle.

dernier log AntiVir PersonalEdition Classic Report file date: jeudi 5 octobre 2006 17:20 Scanning for 522072 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 1) [5.1.2600] Username: AMINATA Computer name: SN4387687352 Version information: AVSCAN.EXE : 7.0.0.47 200744 21/08/2006 10:06:56 AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 10:56:33 LUKE.DLL : 7.0.0.47 118824 07/09/2006 10:32:33 LUKERES.DLL : 7.0.0.47 9256 07/09/2006 10:56:33 ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 10:35:27 ANTIVIR1.VDF : 6.36.0.89 1745920 02/10/2006 14:55:22 ANTIVIR2.VDF : 6.36.0.90 2048 02/10/2006 14:55:22 ANTIVIR3.VDF : 6.36.0.95 54784 05/10/2006 14:55:22 AVEWIN32.DLL : 7.2.0.25 1860096 05/10/2006 14:55:22 AVPREF.DLL : 7.0.0.2 23592 24/07/2006 12:36:04 AVREP.DLL : 6.36.0.79 843816 05/10/2006 14:55:22 AVRPBASE.DLL : 7.0.0.0 2162728 30/03/2006 08:43:31 AVPACK32.DLL : 7.2.0.0 368680 21/07/2006 06:00:28 AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36 NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:49 NETNW.DLL : 7.0.0.0 9768 24/07/2006 12:35:55 RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 11:22:57 RCTEXT.DLL : 7.0.1.4 77864 05/10/2006 14:55:19 Configuration settings for the scan: Jobname.......................: Local Drives Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Boot sectors..................: C,D,E,K,A,J,F,I,Q,R Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004,1005, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: jeudi 5 octobre 2006 17:20 The scan of running processes will be started 4 Processes were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'E:\' [NOTE] No virus was found! Boot sector 'K:\' [NOTE] No virus was found! Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Boot sector 'J:\' [NOTE] In the drive 'J:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( 9 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\AMINATA\Menu Démarrer.ace [0] Archive type: ACE --> Menu Dmarrer\Programmes\Accessoires\desktop.ini [WARNING] Error creating the file --> Menu Dmarrer\Programmes\desktop.ini [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Documents and Settings\AMINATA\ntuser.dat [WARNING] The file could not be opened! C:\Documents and Settings\AMINATA\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\AMINATA\Bureau\registre\backups\backup-20060723-005029-103.inf [DETECTION] Is the Trojan horse TR/StartPage [iNFO] The file was moved to '4588256a.qua'! C:\Documents and Settings\AMINATA\Local Settings\Application Data\Microsoft\Outlook\outlook.pst [0] Archive type: MS Outlook Mailbox --> Mailbox_[Folder:Bo te de r ception][subject:Tr : Fw: Tr :T'as rien faire ?][From:smishaa@hotmail.com]4.Post-it.exe [DETECTION] Contains signature of the joke program JOKE/ClickWin [iNFO] The file was moved to '459925b0.qua'! C:\Documents and Settings\AMINATA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\AMINATA\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\AMINATA\Mes documents\Nero\Nero 5.x.x.x KeyGen.exe [DETECTION] Contains signature of the dial-up program DIAL/300945 [iNFO] The file was moved to '4597265a.qua'! C:\Program Files\Xilisoft\XiliSoft.PSP.Video.Converter.v2.1.55.Multilangages.Incl-Keygen.par.eMule-Paradise.com\Keygen\KeyGen.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '459e2ebb.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261112.exe [DETECTION] Contains signature of the SPR/Winfixer.D program [iNFO] The file was moved to '455730cb.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261115.exe [DETECTION] Contains signature of the SPR/WinFixer.H program [iNFO] The file was moved to '455730cf.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261117.exe [DETECTION] Is the Trojan horse TR/Dldr.FakeAV.A.5 [iNFO] The file was moved to '455730d3.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261129.exe [DETECTION] Is the Trojan horse TR/Dldr.FakeAV.A.6 [iNFO] The file was moved to '455730da.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261130.exe [DETECTION] Is the Trojan horse TR/Dldr.FakeAV.A.3 [iNFO] The file was moved to '455730dd.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1087\A0261148.exe [DETECTION] Contains signature of the SPR/Dldr.WinFixer.O.12 program [iNFO] The file was moved to '455730e0.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1128\A0289597.inf [DETECTION] Is the Trojan horse TR/StartPage [iNFO] The file was moved to '45573bf4.qua'! C:\System Volume Information\_restore{04C9C898-58A8-4A2D-8D00-B3017C9016F1}\RP1128\A0289598.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '45573bf6.qua'! C:\WINDOWS\RESTORE.ins [0] Archive type: ARJ --> C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE [DETECTION] Contains signature of the SPR/PsKill.A.13 program [iNFO] The file was moved to '45783c24.qua'! C:\WINDOWS\$NtUninstallQ308387$\spuninst\spuninst.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308387$\spuninst\spuninst.inf [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308402$\spcmdcon.sys [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308402$\srrstr.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308402$\spuninst\spuninst.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308402$\spuninst\spuninst.inf [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308677$\userenv.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308677$\spuninst\spuninst.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308677$\spuninst\spuninst.inf [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308678$\msobmain.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308678$\msobshel.htm [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308678$\spuninst\spuninst.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ308678$\spuninst\spuninst.inf [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\netsetup.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\upnp.dll [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe [WARNING] The file could not be opened! C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf [WARNING] The file could not be opened! C:\WINDOWS\system\RESTORE.ins [0] Archive type: ARJ --> C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE [DETECTION] Contains signature of the SPR/PsKill.A.13 program [iNFO] The file was moved to '457840aa.qua'! C:\WINDOWS\system32\config\DEFAULT [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SOFTWARE [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SYSTEM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! D:\A CONSERVER\dossier Win\WinZip 8.1 Fr + WinAce 2.2 Fr + WinRar 3.11 Fr + QuickZip 2.22 Fr + Tous les cracks_by Horax1_Fr\WinAce 2.2\WinAce_Traduction_francaise.exe [0] Archive type: ACE SFX (self extracting) --> html\franais\av.htm [WARNING] Error creating the file --> html\franais\commands.htm [WARNING] No further files can be extracted from this archive. The archive will be closed D:\logiciels dl persos\WinZip 8.1 Fr + WinAce 2.2 Fr + WinRar 3.11 Fr + QuickZip 2.22 Fr + Tous les cracks_by Horax1_Fr.exe [0] Archive type: ZIP SFX (self extracting) --> WinZip 8.1 Fr + WinAce 2.2 Fr + WinRar 3.11 Fr + QuickZip 2.22 Fr + Tous les cracks_by Horax1_Fr/WinAce 2.2/WinAce_Traduction_francaise.exe [1] Archive type: ACE SFX (self extracting) --> html\franais\av.htm [WARNING] Error creating the file --> html\franais\commands.htm [WARNING] No further files can be extracted from this archive. The archive will be closed The path A:\ could not be found! Le périphérique n'est pas prêt. The path J:\ could not be found! Le périphérique n'est pas prêt. The path F:\ could not be found! Le périphérique n'est pas prêt. The path I:\ could not be found! Le périphérique n'est pas prêt. The path Q:\ could not be found! Le périphérique n'est pas prêt. The path R:\ could not be found! Le périphérique n'est pas prêt. End of the scan: jeudi 5 octobre 2006 19:49 Used time: 2:29:03 min The scan has been done completely. 7019 Scanning directories 246040 Files were scanned 14 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 14 files were moved to quarantine 0 files were renamed 7124 Archives were scanned 40 Warnings 3 Notes je vous remercie d'avance de votre aide.

suite Uninstall list hijack Ad-Aware SE Professional Adobe Acrobat 4.0 Adobe Flash Player 9 ActiveX Adobe Photoshop 7.0 Adobe Reader 7.0.5 Language Support Adobe Reader 7.0.8 - Français Adobe® Photoshop® Album Edition Découverte 3.0 adsl TV Analyseur et SDK XML Microsoft Apna Radio (remove only) Archiveur WinRAR Avira AntiVir PersonalEdition Classic Aztech CNR V.92 Modem CCleaner (remove only) Cool Edit Pro 2.0 Correctif pour le Lecteur Windows Media [Voir wm828026 pour plus d'informations] Correctif Windows XP - KB820291 Correctif Windows XP - KB821557 Correctif Windows XP - KB823182 Correctif Windows XP - KB823559 Correctif Windows XP - KB823980 Correctif Windows XP - KB824105 Correctif Windows XP - KB824141 Correctif Windows XP - KB824146 Correctif Windows XP - KB825119 Correctif Windows XP - KB828028 Correctif Windows XP - KB828035 Correctif Windows XP - KB828741 Correctif Windows XP - KB835732 Correctif Windows XP - KB837001 Correctif Windows XP - KB840374 Correctif Windows XP - KB842773 Correctif Windows XP - KB911567 Correctif Windows XP - KB918899 Correctif Windows XP (SP2) Q328310 Correctif Windows XP (SP2) Q329170 Correctif Windows XP (SP2) Q329441 Correctif Windows XP (SP2) Q331953 Correctif Windows XP (SP2) Q810565 Correctif Windows XP (SP2) Q810577 Correctif Windows XP (SP2) Q810833 Correctif Windows XP (SP2) Q811493 Correctif Windows XP (SP2) Q814033 Correctif Windows XP (SP2) Q814995 Correctif Windows XP (SP2) Q815021 Correctif Windows XP (SP2) Q816650 Correctif Windows XP (SP2) Q817606 Correctif Windows XP (SP2) Q819696 dBpowerAMP Music Converter DelFin Media Viewer DivX Player DVD Decrypter (Remove Only) EAX Unified Empires Dawn of the Modern World ERUNT 1.1h FLV Player Gif Movie Gear 4 Google Earth Gordian Knot Rip Pack 0.35.0 HijackThis 1.99.1 Hitman - tueur à gages HP Software Update ImageDrive (Ahead Software) J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.1_03 Java Web Start jv16 PowerTools 1.3 Kaspersky Internet Security 6.0 Le Maître de l'Olympe - Zeus. Le Maître de l'Olympe et le Maître de l'Atlandide Lecteur Windows Media 10 Mafia Game MakeTorrent v2.1 Medal of Honor débarquement allié Messenger Plus! 3 Messenger Plus! Live Microsoft Office Professional Edition 2003 Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour pour Windows XP (KB898461) Mozilla Firefox (1.5) Mozilla Thunderbird (1.5) mpegable X4 live Nero Suite NetBeans IDE 3.5.1 Nokia Connectivity Cable Driver Nokia PC Connectivity Solution Nokia PC Suite NVIDIA Display Driver OmniPage SE Package du correctif Windows XP [voir Q329048 pour plus de détails] Package du correctif Windows XP [voir Q329115 pour plus de détails] Package du correctif Windows XP [voir Q329390 pour plus de détails] Package du correctif Windows XP [voir Q329834 pour plus de détails] Philips Device Plug-in Photosmart 140,240,7200,7600,7700,7900 Series PowerDVD Prince of Persia T2T Race Driver 2 RealPlayer REALTEK Gigabit and Fast Ethernet NIC Driver RegAlyzer 1.4 Rippack v3 beta 16.1 RM Converter 2.01 Service Pack 1a pour Windows XP Services de traduction fournis par WorldLingo pour Microsoft Word SetBrowser (remove only) SLD Codec Pack Spybot - Search & Destroy 1.2 Starcraft StuffPlug-NG (Messenger Plus! Plugins) TMPGEnc Plus 2.5 VERITAS RecordNow DX Video Converter 3 Warcraft II BNE WIDCOMM Bluetooth Software WinAce Archiver 2.0 WinAVI Video Converter 7.7 Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21) Windows Installer 3.1 (KB893803) Windows Installer Clean Up Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format Runtime Windows Sasser Worm Removal Tool (KB841720) WinZip

bonjour desolee d'avoir mis du temps mais j'etais au boulot. j'ai suivi les indications et voici les differents logs: Logfile of HijackThis v1.99.1 Scan saved at 20:56:33, on 05/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\cleanmgr.exe C:\Program Files\HijackThis\natsroshan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: Microsoft Office.lnk.disabled O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{21C1B762-BC06-4259-BDE5-D4F1C58635CB}: NameServer = 212.27.54.252,212.27.53.252 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - (no CLSID) - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

rebonjour merci pour les explications sur le fontionnement du forum. c'est un peu plus clair. par contre pouquoi dois-je installer encore et encore de nouveaux programmes? j'ai deja installé hijack, spybot s&d, ccleaner,ad-aware (payant),regalyzer,regseeker... en plus de mon antivirus habituel. mais il faut encore que j'installe antivir?!!! est il plus efficace que les autres? vraiment desolee de vous faire perdre du temps. dommage pour moi parce que je ne comprends pas..

Bonjour j'ai cherché dans le forum mais vu que je ne suis pas douée, je rame toujours!!! j'espere que je poste mon probleme dans la bonne section! j'utilise mozilla firefox 1.5.0.7 comme navigateur internet. depuis deux semaines j'ai un Pb: après avoir fermé firefox (normalement) je me rends compte que dans le gestionnaire de taches il est tjrs ouvert. Voir plus: j'ai des fois jusqu'à 6 processus firefox.exe ouverts. Le pire c'est que impossible d’arrêter ce programme : quand je fais terminer le processus (ou l'arborescence) dans le gestionnaire de taches , j'ai le message d'avertissement habituel, je valide quand même et puis....rien du tout. Ils sont tjrs là. La seule manière de tout arrêter est de redémarrer mon pc (je suis bien obligée, car par exemple en ce moment, il ya 5 processus firefox qui me bouffent au total 188 000 ko de mémoire). Pouvais vous m'aider svp?ci-joint le log hijack. Logfile of HijackThis v1.99.1 Scan saved at 23:02:59, on 04/10/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe E:\torrents\utorrent.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\AMINATA\Bureau\registre\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: Microsoft Office.lnk.disabled O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{21C1B762-BC06-4259-BDE5-D4F1C58635CB}: NameServer = 212.27.54.252,212.27.53.252 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - (no CLSID) - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe merci d'avance.